IBM Security Bulletin: IBM PureApplication System is affected by a vulnerability in VMWare component (CVE-2018-6974)

Jan 25, 2019 9:01 am EST

Categorized: High Severity

Share this post:

A vulnerability is reported in the VMWare component, and this component is used by IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-6974. IBM PureApplication System has addressed the applicable CVE.

CVE(s): CVE-2018-6974

Affected product(s) and affected version(s):

IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0
IBM PureApplication System V2.2.5.0
IBM PureApplication System V2.2.5.1
IBM PureApplication System V2.2.5.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10795276
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151361

from IBM Product Security Incident Response Team https://ibm.co/2WkrORX