IBM Security Bulletin: Vulnerabilities in IBM Java SDK (January 2019) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4

Multiple vulnerabilities are identified in IBM® SDK Java Technology Edition Version 1.7 and Version 1.8 that are used by IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5, and V5.0.4 respectively. These issues were disclosed as part of the IBM Java SDK updates in January 2019.

CVE(s): CVE-2018-1890, CVE-2018-12547, CVE-2019-2426, CVE-2018-11212

Affected product(s) and affected version(s):

IBM Application Delivery Intelligence for IBM Z V5.1.0

IBM Application Delivery Intelligence for IBM Z V5.0.5

IBM Application Delivery Intelligence for IBM Z V5.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10885184
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143429

The post IBM Security Bulletin: Vulnerabilities in IBM Java SDK (January 2019) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4 appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2WwU7zA