Home Unlabelled IBM Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and Business Process Manager (BPM)

IBM Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and Business Process Manager (BPM)

By
Friday, September 14, 2018
Read
Add Comment

Sep 14, 2018 9:00 am EDT

Categorized: High Severity

Share this post:

Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js.

CVE(s): CVE-2018-0732, CVE-2018-12115, CVE-2018-7166, CVE-2018-0737

Affected product(s) and affected version(s):

– IBM Business Automation Workflow V18.0.0.0 through V18.0.0.1

– IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03

– IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06

– IBM Business Process Manager V8.5.6.0 through V8.5.6.0 CF2

– IBM Business Process Manager V8.5.5.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10729005
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148426
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148425
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679



from IBM Product Security Incident Response Team https://ift.tt/2Mvf9FW
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us