IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11

IBM Integration Bus & IBM App connect Enterprise V11 ship with Node.js version 8 for which multiple vulnerabilities were reported and have been addressed. Vulnerability details are listed below.

CVE(s): CVE-2018-0737, CVE-2018-7166, CVE-2018-12115, CVE-2018-0732, CVE-2018-7167, CVE-2018-1000168, CVE-2018-7161, CVE-2018-7159, CVE-2018-7160

Affected product(s) and affected version(s):

IBM Integration Bus V10.0.0 – V10.0.0.14

IBM App connect Enterprise V11 , V11.0.0.0 – V11.0.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10733002
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148425
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148426
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144740
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141584
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144736
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143448
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143447

The post IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11 appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2Qdtaho