Oct 20, 2017 10:49 am EDT
Categorized: High Severity
Share this post:
There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition Version 7 that is used by IBM Planning Analytics Express and IBM Cognos Express. These issues were disclosed as part of the IBM Java SDK updates in Oct 2016 and Jan 2017. OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Planning Analytics Express and IBM Cognos Express. The applicable CVEs have been addressed.
CVE(s): CVE-2016-2183, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-5573, CVE-2016-5597, CVE-2016-7055, CVE-2017-3732
Affected product(s) and affected version(s):
IBM Cognos Express 10.2.1
IBM Cognos Express 10.2.2
IBM Planning Analytics Express 2.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2zUsMtg
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2lAiqcB
X-Force Database: http://ift.tt/2eDrVCd
X-Force Database: http://ift.tt/2e5pD2s
X-Force Database: http://ift.tt/2hjUUfe
X-Force Database: http://ift.tt/2kDymIW
from IBM Product Security Incident Response Team http://ift.tt/2xsuhwZ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.