IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker , IBM Integration Bus and IBM App Connect

Nov 21, 2018 8:00 am EST

Categorized: Medium Severity

Share this post:

Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker, IBM Integration Bus and IBM App Connect. The DataDirect ODBC Drivers used by WebSphere Message Broker , IBM App Connect and IBM Integration Bus have addressed the applicable CVEs.

CVE(s): CVE-2017-3735, CVE-2017-3736, CVE-2017-3738, CVE-2018-0737, CVE-2017-3737

Affected product(s) and affected version(s):

IBM App Connect V11

IBM Integration Bus V10, V9

WebSphere Message Broker V8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10735561
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136078
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141679
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136077

from IBM Product Security Incident Response Team https://ift.tt/2TAtyWb