The Planning Analytics Workspace component of IBM Planning Analytics is vulnerable to multiple Node.js vulnerabilities including OpenSSL vulnerabilities in Node.js. The version of Node.js use by IBM Planning Analytics Workspace has been upgraded to address these vulnerabilities.
CVE(s): CVE-2018-0732, CVE-2018-0737, CVE-2018-7158, CVE-2018-7159, CVE-2018-7160, CVE-2018-7166, CVE-2018-12115
Affected product(s) and affected version(s):
IBM Planning Analytics Local 2.0 (Planning Analytics Workspace)
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10740011
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143449
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143448
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143447
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148425
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148426
The post IBM Security Bulletin: IBM Planning Analytics Local is affected by multiple Node.js vulnerabilities appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2FjAzYd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.