IBM Security Bulletin: An unspecified vulnerability related to the Java SE JCE component affects IBM License Metric Tool v9.x and IBM BigFix Inventory v9.x (CVE-2017-10115)

There were multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool (LMT) and IBM BigFix Inventory (BFI). These issues were disclosed as part of the IBM Java SDK updates in July 2017. Fixes are already included in LMT and BFI version 9.2.9 or later.

CVE(s): CVE-2017-10115

Affected product(s) and affected version(s):

IBM License Metric Tool v9 – application version < 9.2.9
IBM BigFix Inventory v9 – application version < 9.2.9

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2xt4Xa3
X-Force Database: http://ift.tt/2xsr7ZC

The post IBM Security Bulletin: An unspecified vulnerability related to the Java SE JCE component affects IBM License Metric Tool v9.x and IBM BigFix Inventory v9.x (CVE-2017-10115) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2zTVsT2