IBMC5DE2357D296F2CA9F2FA1B8B3FC901AD619D87907158328E020E89D21F8280DSecurity Bulletin: A security vulnerability has been identified in FileNet Content Management Interoperability Services (CMIS) shipped with IBM Case Manager (CVE-2018-1364)
Summary
FileNet Content Management Interoperability Services (CMIS) is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting FileNet Content Management Interoperability Services (CMIS) has been published in a separate security bulletin.
Vulnerability Details
Please consult the security bulletin Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the ability to parse untrusted XML input containing a reference to an external entity for vulnerability details and information about fixes.
Affected Products and Versions
This vulnerability affects the following versions and releases:
- IBM Case Manager 5.2.0.0 - 5.2.0.4
- IBM Case Manager 5.2.1.0 - 5.2.1.7
- IBM Case Manager 5.3.0.0
- IBM Case Manager 5.3.1.0
- IBM Case Manager 5.3.2.0
- IBM Case Manager 5.3.3.0
Remediation/Fixes
Product
|
VRMF
|
APAR
|
Remediation/First Fix
—|—|—|—
IBM Case Manager | 5.3.0.0 - 5.3.3.0 | PJ45479 | 5.3.3.0-ICM-IF001 or later versions
IBM Case Manager | 5.2.1.0 - 5.2.1.7 | PJ45496 | 5.2.1.7-ICM-IF004_ or later versions_
IBM Case Manager | 5.2.0.0 - 5.2.0.4 | PJ45497 | 5.2.0.4-ICM-IF003 or later versions
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm case manager | eq | any |
Related
