Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM30A8BD232E4DC02C7C0278B43E68ECBF0065C5D5D0BA0C43F3C75551D87E6BE7
HistoryFeb 11, 2019 - 4:15 p.m.

Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125)

2019-02-1116:15:01
www.ibm.com
11

EPSS

0.53

Percentile

97.6%

JSON

Summary

InfoSphere Data Replication has addressed the following vulnerability: CVE-2018-0125 (Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload)

Vulnerability Details

CVEID: CVE-2018-0125 DESCRIPTION: Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138770&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

InfoSphere Data Replication 11.4

Remediation/Fixes

Product VRMF APAR Remediation / First Fix
InfoSphere Data Replication

IIDR 11.4.0.2-5095 for all LUW engines

| N/A | Please download the latest release available in Fix Central: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%20Management&product=ibm/Information+Management/IBM+InfoSphere+Data+Replication&release=11.4&platform=All&function=all&source=fc

Workarounds and Mitigations

N/A

Related

attackerkb 1
prion 1
cisa_kev 1
nessus 1
nvd 1
cvelist 1
cisco 1
cve 1
seebug 1
ibm 1
attackerkb
attackerkb
CVE-2018-0125
2018-02-08 00:00:00
prion
prion
Input validation
2018-02-08 07:29:00
cisa_kev
cisa_kev
Cisco VPN Routers Remote Code Execution Vulnerability
2022-03-25 00:00:00
nessus
nessus
Cisco Small Business RV132W and RV134W Remote Code Execution (cisco-sa-20180207-rv13x)
2019-10-10 00:00:00
nvd
nvd
CVE-2018-0125
2018-02-08 07:29:00
cvelist
cvelist
CVE-2018-0125
2018-02-08 07:00:00
cisco
cisco
Cisco RV132W and RV134W Remote Code Execution and Denial of Service Vulnerability
2018-02-07 16:00:00
cve
cve
CVE-2018-0125
2018-02-08 07:29:00
seebug
seebug
Cisco RV132W Multiple Vulnerabilities(CVE-2018-0125/CVE-2018-0127)
2018-02-23 00:00:00
ibm
ibm
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities
2019-02-18 14:10:01

EPSS

0.53

Percentile

97.6%

JSON
Related for 30A8BD232E4DC02C7C0278B43E68ECBF0065C5D5D0BA0C43F3C75551D87E6BE7
attackerkb1prion1cisa_kev1nessus1nvd1cvelist1cisco1cve1seebug1ibm1