IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site request forgery vulnerability (CVE-2018-1661)

IBM MQ Appliance has addressed the following cross-site request forgery vulnerability.

CVE(s): CVE-2018-1661

Affected product(s) and affected version(s):

IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.11

IBM MQ Appliance 9.1 Long Term Support (LTS) Release
Maintenance levels between 9.1.0.0 and 9.1.0.1

IBM MQ Appliance 9.1.x Continuous Delivery (CD) Release
Continuous delivery update 9.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10739235
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144887

The post IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site request forgery vulnerability (CVE-2018-1661) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2XfU34P