IBM Alert Notification is affected by one or more security vulnerabilities.
When using Internet Explorer, Alert Notification can be loaded in to an iframe that is not part of the Alert Notification system. If you do not load Alert Notification directly, your session might be intercepted using a technique known as click jacking. To avoid this security risk, use an up-to-date browser such as Microsoft Edge, Mozilla Firefox, or Google Chrome.
If you have any questions, please contact Alert Notification Support at https://www.ibm.com/mysupport/.
CVE(s): CVE-2018-1365
Affected product(s) and affected version(s):
IBM Alert Notification
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22013238
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137451
The post IBM Security Bulletin: IBM Alert Notification is affected by a security vulnerability when using Microsoft Internet Explorer (CVE-2018-1365) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2FKkNC9
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.