Thursday, May 17, 2018

IBM Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM Tivoli Monitoring

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.6, and Version 7 that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components.

CVE(s): CVE-2018-2579, CVE-2018-2588, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678, CVE-2018-2602, CVE-2018-2599, CVE-2018-2603, CVE-2018-2657, CVE-2018-2618, CVE-2018-2641, CVE-2018-2582, CVE-2018-2637, CVE-2018-2633

Affected product(s) and affected version(s):

The following components of IBM Tivoli Monitoring (ITM) are affected by this bulletin:

-Java (CANDLEHOME) ITM 6.2.3 Fix Pack 1 (JRE 1.6) through 6.2.3 Fix Pack 5 and 6.3.0 through 6.3.0 Fix Pack 7 (JRE 7) (CVE-2018-2602 only)
-Java (Tivoli Enterprise Portal client browser or webstart) ITM 6.2.3 Fix pack 1 through 6.2.3 Fix Pack 5 (JRE 1.6) and 6.3.0 throught 6.3.0 Fix Pack 7 (JRE 7) (All CVE’s listed)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22016198
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137917
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137932
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137933
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137851
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137910
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137870
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137893
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137836
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java JRE affect IBM Tivoli Monitoring appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2wOjCkn
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)