IBM Integration Bus and WebSphere Message Broker have addressed applicable CVE
CVEID: CVE-2017-1144**
DESCRIPTION:** IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting.
CVSS Base Score: 2.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/122033 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
IBM Integration Bus V10.0.0.0 - 10.0.0.7
IBM Integration Bus V9.0.0.0 - 9.0.0.7
WebSphere Message Broker V8.0.0.0 - 8.0.0.8
Product
| VRMF|APAR|Remediation/Fix
—|—|—|—
IBM Integration Bus| V10.0.0.0- 10.0.0.7| IT19111 | The APAR is available in fix pack 10.0.0.8
<http://www-01.ibm.com/support/docview.wss?uid=swg24043443>
IBM Integration Bus| V9.0.0.0- 9.0.0.7| IT19111 | The APAR is available in fix pack 9.0.0.8
<http://www-01.ibm.com/support/docview.wss?uid=swg24043751>
WebSphere Message Broker| V8.0.0.0 - 8.0.0.8| IT19111 | The APAR is available in fix pack 8.0.0.9
https://www.ibm.com/support/docview.wss?uid=swg24043806
|
|
|
For unsupported versions of the product, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
The planned maintenance release dates for WebSphere Message Broker and IBM Integration Bus are available at :
http://www.ibm.com/support/docview.wss?rs=849&uid=swg27006308
None known
CPE | Name | Operator | Version |
---|---|---|---|
ibm integration bus | eq | 10.0 | |
ibm integration bus | eq | 9.0 | |
websphere message broker | eq | 8.0 |