IBM Security Bulletin: IBM MessageSight is affected by the following four IBM Java vulnerabilities
Jan 22, 2019 9:01 am EST
Categorized: High Severity
Share this post:
IBM MessageSight has addressed the following Java vulnerabilities: CVE-2018-3183: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting) CVE-2018-3169: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot) CVE-2018-3149: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI) CVE-2018-3136: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security)
CVE(s): CVE-2018-3136, CVE-2018-3149, CVE-2018-3169, CVE-2018-3183
Affected product(s) and affected version(s):
Affected IBM MessageSight | Affected Versions |
---|---|
IBM MessageSight | 1.2.0.0 – 1.2.0.3 |
IBM MessageSight | 2.0.0.0 – 2.0.0.2 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10795876
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151452
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151465
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151486
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151500
from IBM Product Security Incident Response Team https://ibm.co/2HspIw5