This interim fix provides instructions on upgrading Apache Tomcat from v5.5.36 to v7.0.88 in IBM Platform Symphony 6.1.1 and from v6.0.43 to v8.5.31 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address a security vulnerability in Tomcat (CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304).
CVE(s): CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304
Affected product(s) and affected version(s):
Platform Symphony 6.1.1 and IBM Spectrum Symphony 7.1 Fix Pack 1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=isg3T1027633
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138491
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138486
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140213
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139475
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139476
The post IBM Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony, IBM Spectrum Symphony (CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2GwwZp4
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.