There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products . These issues were disclosed as part of the IBM Java SDK updates in February 2017. The applicable CVEs are CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547 and CVE-2016-2183.
CVE(s): CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-2183
Affected product(s) and affected version(s):
IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM Storwize V3700
IBM Storwize V3500
IBM FlashSystem V9000
All products are affected when running supported releases 7.1 to 7.8. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2toSgij
X-Force Database: http://ift.tt/2lA4akm
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2dR3VyC
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect SAN Volume Controller, Storwize family and FlashSystem V9000 products appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2tXT4HO
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.