IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server

There are multiple vulnerabilities in IBM® Runtime Environment Java Versions 7 & 8 used by IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server. IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server have addressed the applicable CVEs.

CVE(s): CVE-2019-2816, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):
IBM CPLEX Optimization Studio and IBM CPLEX Enterprise Server 12.9 and earlier releases

IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 40 and earlier releases IBM SDK, Java Technology Edition, Version 8 Service Refresh 5 Fix Pack 30 and earlier releases

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10961312
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM CPLEX Enterprise Server appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2LdCZr7