Wednesday, January 24, 2018

IBM Security Bulletin: Content Collector for Email is affected by vulnerability due to information disclosure in MyFaces for WebSphere Application Server

Content Collector for Email has addressed following vulnerability: WebSphere Application Server could allow a remote attacker to obtain sensitive information because of improper error handling by MyFaces.

CVE(s): CVE-2017-1583

Affected product(s) and affected version(s):

Content Collector for Email 3.0.0
Content Collector for Email 4.0.0
Content Collector for Email 4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22012737
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132342

The post IBM Security Bulletin: Content Collector for Email is affected by vulnerability due to information disclosure in MyFaces for WebSphere Application Server appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2DCtuRm

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.