Lucene search

K
ibmIBMADFE973D8DE75277E9EFC45721D8E95AA276E7A47E8AD912E51F9030BD45EBD5
HistoryJun 17, 2019 - 4:45 p.m.

Security Bulletin: Potential denial of service vulnerability in IBM Decision Optimization for Watson Studio Local

2019-06-1716:45:01
www.ibm.com
15

EPSS

0.002

Percentile

64.3%

Summary

There is a potential denial of service vulnerability in IBM Decision Optimization for Watson Studio Local

Vulnerability Details

CVEID:CVE-2019-5428
**DESCRIPTION:*Node.js jQuery module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request to inject properties on Object.prototype, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160026&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Watson Studio (Decision Optimization) Affected Versions
IBM Decision Optimization for Watson Studio Local 1.2.3.x and and earlier releases

Remediation/Fixes

Node.js jQuery module v3.4.0 and subsequent releases

You are strongly encourage to upgrade to IBM Decision Optimization for Watson Studio Local 1.2.3.2

Workarounds and Mitigations

None

EPSS

0.002

Percentile

64.3%

Related for ADFE973D8DE75277E9EFC45721D8E95AA276E7A47E8AD912E51F9030BD45EBD5