IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the IBM Spectrum Protect Backup-Archive Client on Windows, Linux, and Macintosh (CVE-2018-12547, CVE-2019-2426)

Multiple vulnerabilities in IBM® Runtime Environment Java were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java is used by the IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client on Windows, Linux, and Macintosh platforms.

CVE(s): CVE-2018-12547, CVE-2019-2426

Affected product(s) and affected version(s):

The following versions of the IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client on Windows, Macintosh, and Linux platforms are affected:

• 8.1.0.0 through 8.1.7.1 Windows and Macintosh
  8.1.7.0 through 8.1.7.1 Linux (Web user interface)
• 7.1.0.0 through 7.1.8.5 Windows and Macintosh (Linux not affected)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10884946
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the IBM Spectrum Protect Backup-Archive Client on Windows, Linux, and Macintosh (CVE-2018-12547, CVE-2019-2426) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2JH14qE