IBM Security Bulletin: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in July 2018.

Dec 3, 2018 8:00 am EST

Categorized: High Severity

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed as part of the IBM Java SDK updates in July 2018.

CVE(s): CVE-2018-1656, CVE-2018-12539, CVE-2018-1517, CVE-2018-2973

Affected product(s) and affected version(s):

IBM Workload Scheduler Distributed 9.1.0 FP02 and earlier
IBM Workload Scheduler Distributed 9.2.0 FP03 and earlier
IBM Workload Scheduler Distributed 9.3.0 FP03 and earlier
IBM Workload Scheduler Distributed 9.4.0 FP04 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743351
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144882
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148389
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146835

from IBM Product Security Incident Response Team https://ift.tt/2zDL43c