InfoSphere Data Replication has addressed the following vulnerability: CVE-2018-0125 (Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload)
CVE(s): CVE-2018-0125
Affected product(s) and affected version(s):
InfoSphere Data Replication 11.4
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870982
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138770
The post IBM Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2NALmhd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.