Tuesday, June 12, 2018

IBM Security Bulletin: Security vulnerability in Apache Commons FileUpload used by WebSphere Application Server affects IBM SPSS Analytic Server (CVE-2016-1000031)

The Apache Commons FileUpload that is used by IBM® WebSphere™ Application Server affects IBM SPSS Analytic Server. The potential threat could allow a remote attacker to execute arbitrary code on the system. The fix for this issue requires an update to the Websphere application server (detailed in another security bulletin) and an update to a specific IBM SPSS Analytic Server *.jar file.

CVE(s): CVE-2016-1000031

Affected product(s) and affected version(s):

IBM SPSS Analytic Server 2.0.0.0
IBM SPSS Analytic Server 2.1.0.0
IBM SPSS Analytic Server 3.0.0.0
IBM SPSS Analytic Server 3.0.1.0
IBM SPSS Analytic Server 3.1.0.0
IBM SPSS Analytic Server 3.1.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22015601
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117957

The post IBM Security Bulletin: Security vulnerability in Apache Commons FileUpload used by WebSphere Application Server affects IBM SPSS Analytic Server (CVE-2016-1000031) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2MnBxSO

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.