There are multiple vulnerabilities in the IBM® SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These might affect some configurations of IBM WebSphere Application Server Traditional, IBM WebSphere Application Server Liberty and IBM WebSphere Application Server Hypervisor Edition.
CVE(s): CVE-2019-4473, CVE-2019-11771
Affected product(s) and affected version(s):
IBM SDK, Java Technology Editions used with WebSphere Application Server Liberty IBM SDK, Java Technology Editions used with IBM WebSphere Application Server Traditional Version 9.0.0.0 through 9.0.5.0, 8.5.0.0 through 8.5.5.15. IBM SDK, Java Technology Editions shipped in Application Client for IBM WebSphere Application Server Version 9.0.0.0 through 9.0.5.0, 8.5.0.0 through 8.5.5.15.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10964780
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989
The post IBM Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server July 2019 CPU appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2MzXcud
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.