IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1723)

There is a vulnerability in the GPFS component that is used by IBM PureApplication Service. IBM has released Version 2.2.5.3 for IBM PureApplication Service, in response to CVE-2018-1723. IBM PureApplication Service provides a GPFS pattern and addressed the applicable CVE.

CVE(s): CVE-2018-1723

Affected product(s) and affected version(s):

IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0
IBM PureApplication System V2.2.5.0
IBM PureApplication System V2.2.5.1
IBM PureApplication System V2.2.5.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22017440
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147373

The post IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1723) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ibm.co/2DUUhGN