Home Unlabelled Security Bulletin: IBM Security Information Queue uses database components with known vulnerabilities (CVE-2016-3506, CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

Security Bulletin: IBM Security Information Queue uses database components with known vulnerabilities (CVE-2016-3506, CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

By
Wednesday, January 22, 2020
Read
Add Comment

IBM Security Information Queue (ISIQ) relies on older Oracle JDBC and PostgreSQL jar files that have known vulnerabilities. As of v1.0.5, ISIQ switched to newer, secure versions of the jar files.

Affected product(s) and affected version(s):

Affected Product(s)Version(s)
IBM Security Information Queue (ISIQ)1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1282324

The post Security Bulletin: IBM Security Information Queue uses database components with known vulnerabilities (CVE-2016-3506, CVE-2018-1058, CVE-2018-10936, CVE-2019-9193) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2RG1oZE
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us