IBM Integration Bus has addressed the following vulnerability
CVEID:CVE-2017-14919**
DESCRIPTION: *Node.js is vulnerable to a denial of service, caused by an uncaught exception flaw in the zlib module. By making 8 an invalid value for the windowBits parameter, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/134286 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Integration Bus V10.0.0.0 - V10.0.0.10
Product
| VRMF|APAR|Remediation/Fix
—|—|—|—
IBM Integration Bus| V10.0.0.11| APAR IT23046 | The APAR is available in fix pack 10.0.0.11
<http://www-01.ibm.com/support/docview.wss?uid=swg24044326>
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm integration bus | eq | 10.0 |