IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426)

There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in January 2019. There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.4. These issues were disclosed as part of the IBM Java SDK updates in January 2019.

CVE(s): CVE-2018-1890, CVE-2019-2426

Affected product(s) and affected version(s):
IBM Tivoli System Automation for Multiplatforms 4.1.0.0 – 4.1.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10878234
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms January 2019 CPU (CVE-2018-1890, CVE-2019-2426) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2GVctlg