Thursday, January 5, 2017

IBM Security Bulletin: IBM Tivoli Common Reporting (TCR) 2016Q4 Security Updater : TCR is affected by multiple vulnerabilities.

This bulletin addresses several security vulnerabilities. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and the IBM® Runtime Environment Java™ Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates. OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Cognos Business Intelligence. IBM Cognos Business Intelligence has addressed the applicable CVEs. IBM Cognos Business Intelligence has addressed several Libxml2 vulnerabilities. A cross-side scripting vulnerability is also fixed.

CVE(s): CVE-2016-4483, CVE-2016-2073, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2015-8806, CVE-2016-5986, CVE-2016-0359, CVE-2016-0218, CVE-2016-6302, CVE-2016-6304, CVE-2016-6305, CVE-2016-6303, CVE-2016-2180, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2181, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2182, CVE-2016-3498, CVE-2016-3552, CVE-2016-3503, CVE-2016-3092

Affected product(s) and affected version(s):

Tivoli Common Reporting 3.1

Tivoli Common Reporting 3.1.0.1

Tivoli Common Reporting 3.1.0.2

Tivoli Common Reporting 3.1.2

Tivoli Common Reporting 3.1.2.1

Tivoli Common Reporting 3.1.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jegKWf
X-Force Database: http://ift.tt/2cX854V
X-Force Database: http://ift.tt/1PHUv5U
X-Force Database: http://ift.tt/1syye00
X-Force Database: http://ift.tt/29qofDU
X-Force Database: http://ift.tt/29hoGgb
X-Force Database: http://ift.tt/29qou1O
X-Force Database: http://ift.tt/2dmXfFU
X-Force Database: http://ift.tt/2ccJKps
X-Force Database: http://ift.tt/28YBUiZ
X-Force Database: http://ift.tt/2jepPOX
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2fn8D82
X-Force Database: http://ift.tt/2dTp6vD
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2bTqVZ8
X-Force Database: http://ift.tt/2ctoPUY
X-Force Database: http://ift.tt/2bTrbY9
X-Force Database: http://ift.tt/2bozrA8



from IBM Product Security Incident Response Team http://ift.tt/2ieZe0c
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)