IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect SmartCloud Entry

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6.0.16.35 and Version 7.0.10.1 used by SmartCloud Entry. These issues were disclosed as part of the IBM Java SDK updates in Apr 2017.

CVE(s): CVE-2017-3514, CVE-2017-3512, CVE-2017-3511, CVE-2017-3526, CVE-2017-3509, CVE-2017-3544, CVE-2017-3533, CVE-2017-3539, CVE-2017-1289, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, Not Applicable

Affected product(s) and affected version(s):

IBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance JRE Update 7,
IBM SmartCloud Entry 2.4.0 through 2.4.0.5 Appliance JRE Update7,
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 25,
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 25

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2sEvZIk
X-Force Database: http://ift.tt/2pv78pP
X-Force Database: http://ift.tt/2pYs23d
X-Force Database: http://ift.tt/2pv7JaY
X-Force Database: http://ift.tt/2pY6aou
X-Force Database: http://ift.tt/2pvrrn2
X-Force Database: http://ift.tt/2pYfysm
X-Force Database: http://ift.tt/2pv79tT
X-Force Database: http://ift.tt/2pYkfm0
X-Force Database: http://ift.tt/2pvwR1f
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv
X-Force Database:

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect SmartCloud Entry appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2sEw1jq