Friday, August 12, 2016

IBM Security Bulletin: Multiple security vulnerabilities have been identified in WebSphere Application Server and bundling products shipped with IBM Cloud Orchestrator (CVE-2016-3426, CVE-2016-3427)

Information about a security vulnerability that affects IBM Java SDK, IBM WebSphere Application Server, and bundling products of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition has been published in a security bulletin. These issues were also addressed by IBM WebSphere Application Server, IBM Business Process Manager and IBM Tivoli System Automation Application Manager, which are shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Additionally, these issues were also addressed by IBM Tivoli Monitoring and SmartCloud Cost Management, which are shipped with IBM Cloud Orchestrator Enterprise.

CVE(s): CVE-2016-3426, CVE-2016-3427

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2b3CE9a
X-Force Database: http://ift.tt/1N2N2xe
X-Force Database: http://ift.tt/1N2N48r

Principal Product and Version(s) Supporting Product and Version
IBM Cloud Orchestrator version 2.5, 2.5.0.1, V2.5.0.2 IBM WebSphere Application Server Network Deployment V8.5.5 through 8.5.5.7
IBM Business Process Manager Standard V8.5.6
IBM Tivoli System Automation Application Manager 4.1
IBM Cloud Orchestrator version 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3 IBM WebSphere Application Server Network Deployment V8.5.5 through 8.5.5.7
IBM Business Process Manager Standard V8.5.5 through 8.5.6
IBM Tivoli System Automation Application Manager 4.1
IBM Cloud Orchestrator version 2.3, 2.3.0.1 IBM WebSphere Application Server V8.0.1 through V8.0.0.11
IBM Business Process Manager V 8.5, 8.5.6
IBM Cloud Orchestrator Enterprise V2.5, V2.5.0.1, V2.5.0.2 IBM Business Process Manager Standard 8.5.6
IBM Tivoli System Automation Application Manager 4.1
IBM SmartCloud Cost Management 2.1.0.5
IBM Tivoli Monitoring 6.3.0.2
IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3 IBM Business Process Manager Standard 8.5.6
IBM Tivoli System Automation Application Manager 4.1
IBM SmartCloud Cost Management 2.1.0.4
IBM Tivoli Monitoring 6.3.0.2
IBM SmartCloud Orchestrator Enterprise V2.3 and V2.3.0.1 from
Interim Fix1 through Interim Fix 9
IBM Business Process Manager Standard 8.5
IBM SmartCloud Cost Management V2.1.0.3
IBM Tivoli Monitoring V6.3.0.1


from IBM Product Security Incident Response Team http://ift.tt/2b3Csqg

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.