SymmetricalDataSecurity

Thursday, November 1, 2018

IBM Security Bulletin: IBM API Connect is affected by multiple third-party vulnerabilities (Node.js, nghttp2, Linux, Intel CPU, Android)

API Connect has addressed the following vulnerabilities.

CVE(s): CVE-2018-13094, CVE-2018-3640, CVE-2018-3620, CVE-2018-3646, CVE-2017-13168, CVE-2018-12233, CVE-2018-13405, CVE-2018-13406, CVE-2018-12115, CVE-2018-7159, CVE-2018-7158, CVE-2018-1000168, CVE-2018-7161, CVE-2018-7167, CVE-2018-7160, CVE-2018-10876, CVE-2018-10878, CVE-2018-10879, CVE-2018-5391, CVE-2018-10881, CVE-2018-5390, CVE-2018-10877, CVE-2018-10882, CVE-2018-3639

Affected product(s) and affected version(s):

Affected Product	Affected Versions
IBM API Connect	5.0.0.0-5.0.8.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10735757
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145959
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143570
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148318
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148319
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136062
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144767
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146434
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147005
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148426
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143448
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143449
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141584
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144736
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144740
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143447
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147834
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148388
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147820
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147950
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147438
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147831
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143569

The post IBM Security Bulletin: IBM API Connect is affected by multiple third-party vulnerabilities (Node.js, nghttp2, Linux, Intel CPU, Android) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2QaN2yo

Posted by con.healy@symmetricaldatasecurity.com at 6:11 AM

Email This BlogThis!Share to Twitter Share to Facebook Share to Pinterest

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

Blog Archive

► 2023 (1530)
- ► December (61)
- ► November (63)
- ► October (88)
- ► September (125)
- ► August (119)
- ► July (113)
- ► June (128)
- ► May (170)
- ► April (164)
- ► March (176)
- ► February (151)
- ► January (172)

► 2022 (2256)
- ► December (183)
- ► November (167)
- ► October (192)
- ► September (198)
- ► August (193)
- ► July (189)
- ► June (188)
- ► May (178)
- ► April (184)
- ► March (193)
- ► February (168)
- ► January (223)

► 2021 (7962)
- ► December (349)
- ► November (687)
- ► October (697)
- ► September (674)
- ► August (711)
- ► July (704)
- ► June (682)
- ► May (715)
- ► April (680)
- ► March (706)
- ► February (644)
- ► January (713)

► 2020 (8290)
- ► December (691)
- ► November (691)
- ► October (625)
- ► September (690)
- ► August (710)
- ► July (704)
- ► June (694)
- ► May (706)
- ► April (690)
- ► March (722)
- ► February (649)
- ► January (718)

► 2019 (7253)
- ► December (696)
- ► November (683)
- ► October (713)
- ► September (678)
- ► August (509)
- ► July (541)
- ► June (506)
- ► May (615)
- ► April (588)
- ► March (627)
- ► February (544)
- ► January (553)

▼ 2018 (5986)
- ► December (436)
- ▼ November (539)
- ► October (704)
- ► September (599)
- ► August (479)
- ► July (515)
- ► June (352)
- ► May (424)
- ► April (490)
- ► March (504)
- ► February (410)
- ► January (534)

► 2017 (22384)
- ► December (352)
- ► November (579)
- ► October (2214)
- ► September (499)
- ► August (1937)
- ► July (495)
- ► June (574)
- ► May (5388)
- ► April (5372)
- ► March (4060)
- ► February (472)
- ► January (442)

► 2016 (8109)
- ► December (446)
- ► November (427)
- ► October (540)
- ► September (517)
- ► August (548)
- ► July (582)
- ► June (808)
- ► May (858)
- ► April (809)
- ► March (926)
- ► February (931)
- ► January (717)

► 2015 (12420)
- ► December (863)
- ► November (735)
- ► October (788)
- ► September (765)
- ► August (835)
- ► July (897)
- ► June (870)
- ► May (897)
- ► April (1308)
- ► March (1532)
- ► February (1384)
- ► January (1546)

► 2014 (15655)
- ► December (1504)
- ► November (1500)
- ► October (1511)
- ► September (1489)
- ► August (1550)
- ► July (1520)
- ► June (1242)
- ► May (1073)
- ► April (1106)
- ► March (959)
- ► February (1016)
- ► January (1185)

► 2013 (6591)
- ► December (1024)
- ► November (1110)
- ► October (1156)
- ► September (1509)
- ► August (1444)
- ► July (348)

Search This Blog

Total Pageviews

Subscribe To

Posts

Posts

Comments

Comments

Translate

Awesome Inc. theme. Powered by Blogger.