IBM Security Bulletin:
Oracle Outside In Technology is used by and contained in IBM WebSphere Portal. A fix is available for security vulnerabilities in Oracle Outside In Technology that affect IBM WebSphere Portal (CVE-2018-3147, CVE-2018-3224, CVE-2018-3302, CVE-2018-3217, CVE-2018-3218, CVE-2018-3219, CVE-2018-3220, CVE-2018-3221, CVE-2018-3222, CVE-2018-3223, CVE-2018-3225, CVE-2018-3226, CVE-2018-3227, CVE-2018-3228, CVE-2018-3229, CVE-2018-3230, CVE-2018-3231, CVE-2018-3232, CVE-2018-3233, CVE-2018-3234, CVE-2018-18223, CVE-2018-18224).
CVE(s): CVE-2018-18224, CVE-2018-3227, CVE-2018-3226, CVE-2018-3218, CVE-2018-3229, CVE-2018-3217, CVE-2018-3228, CVE-2018-3219, CVE-2018-3230, CVE-2018-3232, CVE-2018-3221, CVE-2018-3231, CVE-2018-3220, CVE-2018-3223, CVE-2018-3234, CVE-2018-3233, CVE-2018-3222, CVE-2018-3225, CVE-2018-3302, CVE-2018-3224, CVE-2018-3147, CVE-2018-18223
Affected product(s) and affected version(s):
Affected Product | Affected Versions |
---|---|
IBM WebSphere Portal | 9.0.0.0 – 9.0.0.0 CF16 |
IBM WebSphere Portal | 8.5.0.0 – 8.5.0.0 CF16 |
IBM WebSphere Portal | 8.0.0.0 – 8.0.0.1 CF23 |
IBM WebSphere Portal | 7.0.0.0 – 7.0.0.2 CF30 |
For unsupported versions IBM recommends upgrading to a fixed, supported version of the product.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10741133
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151427
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151542
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151541
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151533
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151544
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151532
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151543
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151534
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151545
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151547
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151536
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151546
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151535
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151538
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151549
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151548
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151537
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151540
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151614
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151539
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151463
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151426
The post IBM Security Bulletin: appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2SrS7CW