Multiple security vulnerabilities exist in the IBM® Runtime Environment Java™ Technology Edition 6.0.16.21 (and earlier) used by WebSphere Message Broker, and the IBM® Runtime Environment Java™ Technology Edition 7.0.9.31 (and earlier) used by WebSphere Message Broker and IBM Integration Bus, and the IBM® Runtime Environment Java™ Technology Edition 7.1.3.31 (and earlier) used by IBM Integration Bus. These issues were disclosed as part of the IBM Java SDK updates in April 2016.
CVE(s): CVE-2016-3443, CVE-2016-3427, CVE-2016-3422, CVE-2016-3426, CVE-2016-0264
Affected product(s) and affected version(s):
IBM Integration Bus V10, V9
WebSphere Message Broker V8
IBM Integration Toolkit V9
WebSphere Message Broker Toolkit V8
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1saLQ1y
X-Force Database: http://ift.tt/1Tg5v61
X-Force Database: http://ift.tt/1N2N48r
X-Force Database: http://ift.tt/1Tg5wqE
X-Force Database: http://ift.tt/1N2N2xe
X-Force Database: http://ift.tt/1Tg5wqG
from IBM PSIRT Blog http://ift.tt/1WWcrfM
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.