IBM Integration Bus has addressed the following vulnerability
CVEID:CVE-2017-1694**
DESCRIPTION: *IBM Integration Bus transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/134165 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM Integration Bus V10.0.0.0 - V10.0.0.9
IBM Integration Bus V9.0.0.0 - V9.0.0.9
Product
|
VRMF
|
APAR
|
Remediation / Fix
—|—|—|—
IBM Integration Bus| V10.0.0.0 to V10.0.0.9| APAR IT21391 | The APAR is available in fix pack 10.0.0.10
http://www-01.ibm.com/support/docview.wss?uid=swg24043943
IBM Integration Bus| V9.0.0.0 to V9.0.0.9| APAR IT21391| The APAR is available in fix pack 9.0.0.10
_<http://www-01.ibm.com/support/docview.wss?uid=swg24044363>_
None