Apr 27, 2018 12:31 pm EDT
Categorized: High Severity
Share this post:
This bulletin addresses several security vulnerabilities. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Java™ Technology Edition, Version 8 that are used by IBM Cognos Controller. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017. IBM Cognos Controller versions prior to 10.3.1 consume IBM GSKit. Multiple vulnerabilities have been addressed in IBM GSKit. A potential information disclosure vulnerability has been addressed in IBM WebSphere Application Server that is shipped with IBM Cognos Controller.
CVE(s): CVE-2017-10345, CVE-2017-10295, CVE-2017-10281, CVE-2017-10350, CVE-2017-10347, CVE-2017-10349, CVE-2017-10348, CVE-2017-10357, CVE-2017-10355, CVE-2016-9841, CVE-2017-10356, CVE-2017-10388, CVE-2016-9843, CVE-2016-9842, CVE-2016-9840, CVE-2016-10165, CVE-2018-1447, CVE-2016-0705, CVE-2017-3732, CVE-2017-3736, CVE-2018-1428, CVE-2018-1427, CVE-2018-1426, CVE-2016-0702, CVE-2017-1681
Affected product(s) and affected version(s):
IBM Cognos Controller 10.2.0
IBM Cognos Controller 10.2.1
IBM Cognos Controller 10.3.0
IBM Cognos Controller 10.3.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22015510
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133774
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133729
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133720
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133779
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133778
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133777
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133786
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120509
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133813
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120511
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120510
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/120508
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127028
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139972
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111140
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/121313
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139073
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139072
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139071
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111144
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134003
from IBM Product Security Incident Response Team https://ift.tt/2JwplwC
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.