SymmetricalDataSecurity

Wednesday, April 24, 2019

IBM Security Bulletin: Multiple vulnerabilities in IBM SDK, and Ruby on Rails affect BigFix Compliance

The BigFix Compliance product may be subject to third-party vulnerabilities in the areas of confidentiality, integrity, availability, and others. These vulnerabilities have been addressed in release 1.10.1. Further details on the specific modules, scores, and vulnerabilities are provided below.

CVE(s): http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5419, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5418, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5420, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3139, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3136, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13785, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3214, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3180, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3149, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3169, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3183

Affected product(s) and affected version(s):

Affected Product	Affected Version
IBM BigFix Compliance	1.7-1.10.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10881644
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158110
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158109
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158111
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151452
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146015
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151530
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151465
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151486
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151500

The post IBM Security Bulletin: Multiple vulnerabilities in IBM SDK, and Ruby on Rails affect BigFix Compliance appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2ITvzK8

Posted by con.healy@symmetricaldatasecurity.com at 6:14 AM

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

Blog Archive

► 2023 (1530)
- ► December (61)
- ► November (63)
- ► October (88)
- ► September (125)
- ► August (119)
- ► July (113)
- ► June (128)
- ► May (170)
- ► April (164)
- ► March (176)
- ► February (151)
- ► January (172)

► 2022 (2256)
- ► December (183)
- ► November (167)
- ► October (192)
- ► September (198)
- ► August (193)
- ► July (189)
- ► June (188)
- ► May (178)
- ► April (184)
- ► March (193)
- ► February (168)
- ► January (223)

► 2021 (7962)
- ► December (349)
- ► November (687)
- ► October (697)
- ► September (674)
- ► August (711)
- ► July (704)
- ► June (682)
- ► May (715)
- ► April (680)
- ► March (706)
- ► February (644)
- ► January (713)

► 2020 (8290)
- ► December (691)
- ► November (691)
- ► October (625)
- ► September (690)
- ► August (710)
- ► July (704)
- ► June (694)
- ► May (706)
- ► April (690)
- ► March (722)
- ► February (649)
- ► January (718)

▼ 2019 (7253)
- ► December (696)
- ► November (683)
- ► October (713)
- ► September (678)
- ► August (509)
- ► July (541)
- ► June (506)
- ► May (615)
- ▼ April (588)
- ► March (627)
- ► February (544)
- ► January (553)

► 2018 (5986)
- ► December (436)
- ► November (539)
- ► October (704)
- ► September (599)
- ► August (479)
- ► July (515)
- ► June (352)
- ► May (424)
- ► April (490)
- ► March (504)
- ► February (410)
- ► January (534)

► 2017 (22384)
- ► December (352)
- ► November (579)
- ► October (2214)
- ► September (499)
- ► August (1937)
- ► July (495)
- ► June (574)
- ► May (5388)
- ► April (5372)
- ► March (4060)
- ► February (472)
- ► January (442)

► 2016 (8109)
- ► December (446)
- ► November (427)
- ► October (540)
- ► September (517)
- ► August (548)
- ► July (582)
- ► June (808)
- ► May (858)
- ► April (809)
- ► March (926)
- ► February (931)
- ► January (717)

► 2015 (12420)
- ► December (863)
- ► November (735)
- ► October (788)
- ► September (765)
- ► August (835)
- ► July (897)
- ► June (870)
- ► May (897)
- ► April (1308)
- ► March (1532)
- ► February (1384)
- ► January (1546)

► 2014 (15655)
- ► December (1504)
- ► November (1500)
- ► October (1511)
- ► September (1489)
- ► August (1550)
- ► July (1520)
- ► June (1242)
- ► May (1073)
- ► April (1106)
- ► March (959)
- ► February (1016)
- ► January (1185)

► 2013 (6591)
- ► December (1024)
- ► November (1110)
- ► October (1156)
- ► September (1509)
- ► August (1444)
- ► July (348)

Search This Blog

Total Pageviews

Subscribe To

Posts

Posts

Comments

Comments

Translate

Awesome Inc. theme. Powered by Blogger.