Wednesday, April 1, 2020

Security Bulletin: IBM Process Federation Server REST API is subject to DoS attacks

Apr 1, 2020 8:00 pm EDT

Categorized: Medium Severity

Share this post:

IBM Process Federation Server Global Teams REST API does not properly shut down the thread pools that it creates, leading to OutOfMemory exceptions, and could be targeted by DoS attacks.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Automation Workstream Services in Cloud Pak for Automation 19.0.3
IBM Process Federation Server 18.0.0.1 to 19.0.0.3 included

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6125403



from IBM Product Security Incident Response Team https://ift.tt/2xEZv95

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.