There are several vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components.
CVE(s): CVE-2018-2800, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2815, CVE-2018-2783, CVE-2018-2794, CVE-2018-2814, CVE-2018-2790
Affected product(s) and affected version(s):
The following components of IBM Tivoli Monitoring (ITM) are affected by this bulletin:
-Java (CANDLEHOME) ITM 6.2.3 Fix Pack 1 (JRE 1.6) through 6.3.0 Fix Pack 7 (JRE 7) (All CVE’s listed except for CVE-2018-2799 and CVE-2018-2796)
-Java (Tivoli Enterprise Portal client browser or webstart) ITM 6.2.3 Fix pack 1 through 6.3.0 Fix Pack 7 (All CVE’s listed)
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ibm10717693
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141956
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141951
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141952
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141953
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141954
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141955
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141971
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141950
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141970
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141946
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2AxIf6y
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.