IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus, IBM App Connect Enterpise v11 and WebSphere Message Broker

Nov 22, 2018 8:01 am EST

Categorized: High Severity

Share this post:

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.5.5 & 8.0.5.15 and IBM® Runtime Environment Java™ Versions 7.0.10.15 & 7.0.10.25 used by IBM Integration Bus & IBM App Connect Enterprise V11. These issues were disclosed as part of the IBM Java SDK updates in April & July 2018.

CVE(s): CVE-2018-2964, CVE-2018-2973, CVE-2018-2940, CVE-2018-2952, CVE-2018-1517, CVE-2016-0705, CVE-2017-3732, CVE-2017-3736, CVE-2018-2794, CVE-2018-2783, CVE-2018-2799, CVE-2018-2798, CVE-2018-2797, CVE-2018-2796, CVE-2018-2795, CVE-2018-2790

Affected product(s) and affected version(s):

IBM App Connect Enterprise V11 , V11.0.0.0 – V11.0.0.2

IBM Integration Bus V10.0.0.0 – V10.0.0.14

IBM Integration Bus V9.0.0.0 – V9.0.0.11

WebSphere Message Broker V8.0.0.0 – V8.0.0.9

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10732850
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146827
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146835
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146803
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146815
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111140
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/121313
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141950
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141955
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141954
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141953
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141952
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141951
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141946



from IBM Product Security Incident Response Team https://ift.tt/2FCyIOb