Security Bulletin: IBM MQ Appliance is affected by a man in the middle vulnerability (CVE-2018-1663)

Summary IBM MQ Appliance has addressed the following man in the middle vulnerability. Vulnerability Details CVEID: CVE-2018-1663 DESCRIPTION: IBM WebSphere DataPower Appliances could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict...

CVE-2018-1663

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

CVE-2018-1663

CVE-2018-1663 affects IBM DataPower Gateways (versions 7.5.x, 7.6, and 2018.4). Root cause: failure to properly enable HTTP Strict Transport Security, enabling potential information disclosure via man-in-the-middle. Impact: remote attacker could obtain sensitive information. Remediation / fixes c...

Security Bulletin: IBM DataPower Gateways is affected by a downgrade vulnerability (CVE-2018-1663)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-1663 Vulnerability Details CVEID: CVE-2018-1663 DESCRIPTION: IBM DataPower Gateways could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport...