Multiple security vulnerabilities exist in the IBM® Runtime Environment Java™ Technology Edition Version 6 Service Refresh 16 Fix Pack 41 and earlier releases used by WebSphere Message Broker, and the IBM® Runtime Environment Java™ Technology Edition Version 7 Service Refresh 10 Fix Pack 1 and earlier releases used by WebSphere Message Broker and IBM Integration Bus, and the IBM® Runtime Environment Java™ Technology Edition Version 7R1 Service Refresh 4 Fix Pack 1 and earlier releases used by IBM Integration Bus. These issues were disclosed as part of the IBM Java SDK updates in April 2017. WebSphere Message Broker and IBM Integration Bus have addressed the applicable CVEs
CVE(s): CVE-2017-3511, CVE-2017-1289, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
Affected product(s) and affected version(s):
IBM Integration Bus V10.0.0.0- 10.0.0.8
IBM Integration Bus V9.0.0.0- 9.0.0.7
WebSphere Message Broker V8.0.0.0 – 8.0.0.8
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2tibqDp
X-Force Database: http://ift.tt/2pv7JaY
X-Force Database: http://ift.tt/2pvwR1f
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Message Broker and IBM Integration Bus appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2syJUEL
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.