This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Analytics 11.0.5.0. IBM Cognos Analytics has addressed several Libxml2 vulnerabilities. There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty. Liberty is used by IBM Cognos Analytics. These issues were disclosed as part of the IBM WebSphere Application Server Liberty updates. Two cross-side scripting vulnerabilities are also fixed.
CVE(s): CVE-2016-4483, CVE-2016-2073, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2015-8806, CVE-2016-5986, CVE-2016-0359, CVE-2016-0218, CVE-2016-0217
Affected product(s) and affected version(s):
IBM Cognos Analytics Version 11.0.0.0 to 11.0.4.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jQpvSX
X-Force Database: http://ift.tt/2cX854V
X-Force Database: http://ift.tt/1PHUv5U
X-Force Database: http://ift.tt/1syye00
X-Force Database: http://ift.tt/29qofDU
X-Force Database: http://ift.tt/29hoGgb
X-Force Database: http://ift.tt/29qou1O
X-Force Database: http://ift.tt/2dmXfFU
X-Force Database: http://ift.tt/2ccJKps
X-Force Database: http://ift.tt/28YBUiZ
X-Force Database: http://ift.tt/2jepPOX
X-Force Database: http://ift.tt/2joy1Mh
from IBM Product Security Incident Response Team http://ift.tt/2jQtuPj
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.