Friday, October 28, 2016

IBM Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos Express.

There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU – Oct 2015 – Includes Oracle Oct 2015 CPU + CVE-2015-5006; IBM SDK, Java Technology Edition Quarterly CPU – Jan 2016 – Includes Oracle Jan 2016 CPU + 3 IBM CVEs; IBM SDK, Java Technology Edition Quarterly CPU – Apr 2016 – Includes Oracle Apr 2016 CPU + 3 IBM CVEs and OpenSSL vulnerabilities.

CVE(s): CVE-2015-1794, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3197, CVE-2015-4803, CVE-2015-4893, CVE-2015-4911, CVE-2015-5006, CVE-2016-0466, CVE-2016-0448, CVE-2016-0702, CVE-2016-0705, CVE-2016-0799, CVE-2016-2107, CVE-2016-2176, CVE-2016-2842, CVE-2016-3427

Affected product(s) and affected version(s):

IBM Cognos Express 10.1.x

IBM Cognos Express 10.2.1

IBM Cognos Express 10.2.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fn5HbB
X-Force Database: http://ift.tt/1rd26hz
X-Force Database: http://ift.tt/1rd28Gc
X-Force Database: http://ift.tt/1KB3Vh1
X-Force Database: http://ift.tt/1QmYT4z
X-Force Database: http://ift.tt/1KB3SSD
X-Force Database: http://ift.tt/1rd26hw
X-Force Database: http://ift.tt/1SAJU8S
X-Force Database: http://ift.tt/1NzQEaa
X-Force Database: http://ift.tt/1SAJU8Q
X-Force Database: http://ift.tt/1NzQEae
X-Force Database: http://ift.tt/1N2N3Bz
X-Force Database: http://ift.tt/1WhPjpX
X-Force Database: http://ift.tt/1Tg5v6h
X-Force Database: http://ift.tt/1Tg5wqO
X-Force Database: http://ift.tt/1N2N4p5
X-Force Database: http://ift.tt/1NwOQz5
X-Force Database: http://ift.tt/25mym4p
X-Force Database: http://ift.tt/24fOBfM
X-Force Database: http://ift.tt/1N2N48r



from IBM Product Security Incident Response Team http://ift.tt/2fna2eQ

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.