Lucene search
IBM583CCCE49599411DC8289CA824965EAB2D6815F5D289B41F27C8A99B236FF21AHistoryJun 08, 2021 - 9:47 p.m.
Security Bulletin: Potential disclosure of information in IBM DataPower Gateway (CVE-2018-14348)
2021-06-0821:47:38
www.ibm.com
13
ibm datapower gateway
cve-2018-14348
disclosure fix
libcgroup
information disclosure
vulnerability
ibm datapower gateway 2018.4.1.0-2018.4.1.8
ibm datapower gateway 7.6.0.0-7.6.0.17
it30947 fix
EPSS
0.002
Percentile
64.4%
Summary
IBM DataPower Gateway has addressed CVE 2018-14348
Vulnerability Details
CVEID:CVE-2018-14348
**DESCRIPTION:**libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/148451 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM DataPower Gateway | 2018.4.1.0-2018.4.1.8 |
| IBM DataPower Gateway | 7.6.0.0-7.6.0.17 |
Remediation/Fixes
| Affected Product | Fixed in version | APAR |
|---|---|---|
| IBM DataPower Gateway | 7.6.0.18 | IT30947 |
| IBM DataPower Gateway | 2018.4.1.9 | IT30947 |
Workarounds and Mitigations
None
Related
fedora
fedora
[SECURITY] Fedora 28 Update: libcgroup-0.41-20.fc28
2018-08-08 16:11:47
debian
debian
[SECURITY] [DLA 1472-1] libcgroup security update
2018-08-20 21:01:22
nessus
nessus
RHEL 6 : libcgroup (Unpatched Vulnerability)
2024-06-03 00:00:00
EulerOS Virtualization 3.0.2.2 : libcgroup (EulerOS-SA-2020-2192)
2020-10-21 00:00:00
openSUSE Security Update : libcgroup (openSUSE-2018-821)
2018-08-08 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libcgroup (EulerOS-SA-2019-1953)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2018-0380)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for libcgroup (EulerOS-SA-2020-1731)
2020-07-03 00:00:00
osv
osv
libcgroup - security update
2018-08-20 00:00:00
libcgroup vulnerability
2021-03-15 22:29:20
amazon
amazon
Medium: libcgroup
2019-10-21 18:01:00
cbl_mariner
cbl_mariner
CVE-2018-14348 affecting package libcgroup 0.41-24
2020-09-09 06:09:11
CVE-2018-14348 affecting package libcgroup for versions less than 0.41-23
2022-04-09 06:51:58
suse
suse
Security update for libcgroup (moderate)
2018-08-07 21:10:23
cve
cve
CVE-2018-14348
2018-08-14 18:29:00
mageia
mageia
Updated libcgroup packages fix security vulnerability
2018-09-21 19:26:22
cvelist
cvelist
CVE-2018-14348
2018-08-14 16:00:00
ubuntucve
ubuntucve
CVE-2018-14348
2018-08-14 00:00:00
ibm
ibm
prion
prion
Information disclosure
2018-08-14 18:29:00
veracode
veracode
Insecure Defaults
2018-08-03 09:25:45
debiancve
debiancve
CVE-2018-14348
2018-08-14 18:29:00
redhat
redhat
(RHSA-2019:2047) Moderate: libcgroup security update
2019-08-06 07:54:59
nvd
nvd
CVE-2018-14348
2018-08-14 18:29:00
ubuntu
ubuntu
libcgroup vulnerability
2021-03-15 00:00:00
redhatcve
redhatcve
CVE-2018-14348
2018-08-02 06:18:45
broadcom
broadcom
oraclelinux
oraclelinux
libcgroup security update
2019-08-13 00:00:00
f5
f5
K26890535 : libcgroup vulnerability CVE-2018-14348
2022-07-22 00:00:00
centos
centos
libcgroup security update
2019-08-30 03:13:23
EPSS
0.002
Percentile
64.4%
Related for 583CCCE49599411DC8289CA824965EAB2D6815F5D289B41F27C8A99B236FF21A