There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7 & 8 and IBM® Runtime Environment Java™ Versions 6,7 & 8 used by IBM Security Access Manager software and appliances. These issues were disclosed as part of the IBM Java SDK updates in January 2018.
CVE(s): CVE-2018-2579 , CVE-2018-2602 , CVE-2018-2603 , CVE-2018-2634 , CVE-2018-2633
Affected product(s) and affected version(s):
IBM Tivoli Access Manager for e-business version 6.1
IBM Tivoli Access Manager for e-business version 6.1.1
IBM Security Access Manager for Web version 7.0 software release
IBM Security Access Manager for Web version 8 appliance
IBM Security Access Manager for Mobile version 8 appliance
IBM Security Access Manager version 9 appliance
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22016774
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137886
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2PpVxpc
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.