IBM Security Bulletin: IBM Connections Security Refresh for Apache Struts Remote Code Execution (RCE) Vulnerability (CVE-2018-11776)
Sep 18, 2018 9:01 am EDT
Categorized: High Severity
Share this post:
Certain versions of Apache Struts 2 Framework are vulnerable to RCE attacks. IBM Connections uses Apache Struts 2, see details below for remediation information.
CVE(s): CVE-2018-11776
Affected product(s) and affected version(s):
The following versions of IBM Connections are impacted:
IBM Connections 6.0
IBM Connections 5.5
IBM Connections 5.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10731343
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148694
from IBM Product Security Incident Response Team https://ift.tt/2xmbTI7