IBM Cloud Private, Cloud Foundry for IBM Cloud Private and IBM Cloud Automation Manager are vulnerable to multiple security vulnerabilities in Node.js
CVE(s): CVE-2018-12122, CVE-2018-12121, CVE-2018-12120, CVE-2018-5407, CVE-2018-0735, CVE-2018-0734, CVE-2018-12123, CVE-2018-12116
Affected product(s) and affected version(s):
- IBM Cloud Private 2.1.x, 3.1.0, 3.1.1
- Cloud Foundry for IBM Cloud Private 3.1.1
- IBM Cloud Automation Manager 3.1.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/docview.wss?uid=ibm10869830
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153456
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153454
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152484
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152086
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152085
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153457
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153452
The post IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private – Node.js appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2Em9uQv
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.