A potential cross-site scripting vulnerability exists in the IBM MQ Appliance system log. IBM has addressed the applicable CVE.
CVE(s): CVE-2017-1591
Affected product(s) and affected version(s):
IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.7
IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Continuous delivery updates between 9.0.1 and 9.0.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iWMJZ4
X-Force Database: http://ift.tt/2hviB9E
The post IBM Security Bulletin: Vulnerability in system log on IBM MQ Appliance WebGUI (CVE-2017-1591) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2iYvZR2
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.