IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ affect Business Process Manager, and bundled products shipped with IBM Cloud Orchestrator

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, which is used by IBM Cloud Orchestrator and by bundled products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition. IBM SmartCloud Cost Management and Tivoli Monitoring are shipped as bundled supporting products with IBM Cloud Orchestrator Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerability commonly referred to as “SLOTH”.

CVE(s): CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448

Affected product(s) and affected version(s):

IBM Cloud Orchestrator Enterprise versions:

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/29OEayH
X-Force Database: http://ift.tt/1WhPgug
X-Force Database: http://ift.tt/1N2N3Bz
X-Force Database: http://ift.tt/1TnIyR8
X-Force Database: http://ift.tt/1WhPjpX

| Affected Principal Product and Version | Affected Supporting Product and Version |
| --- | --- |
| IBM Cloud Orchestrator Enterprise V2.5, V2.5.0.1 | IBM Business Process Manager Standard 8.5.6 |
| | IBM Tivoli System Automation Application Manager 4.1 |
| | IBM Tivoli System Automation for Multiplatforms 4.1 |
| | IBM DB2 Enterprise Server Edition 10.5.0.6 |
| | IBM SmartCloud Cost Management 2.1.0.5 |
| | IBM Tivoli Monitoring 6.3.0.2 |
| IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3 | IBM Business Process Manager Standard 8.5.6 |
| | IBM Tivoli System Automation Application Manager 4.1 |
| | IBM Tivoli System Automation for Multiplatforms 4.1 |
| | IBM DB2 Enterprise Server Edition 10.5.0.6 |
| | IBM SmartCloud Cost Management 2.1.0.4 |
| | IBM Tivoli Monitoring 6.3.0.2 |
| IBM SmartCloud Orchestrator Enterprise V2.3 and V2.3.0.1 from Interim Fix 1 through Interim Fix 9 | IBM Business Process Manager Standard 8.5 |
| | IBM Tivoli System Automation Application Manager 3.2.2.2 |
| | IBM Tivoli System Automation for Multiplatforms 3.2.2 |
| | IBM DB2 Enterprise Server Edition 10.1.0.5 |
| | IBM SmartCloud Cost Management V2.1.0.3 |
| | IBM Tivoli Monitoring V6.3.0.1 |

| Affected Principal Product and Version | Affected Supporting Product and Version |
| --- | --- |
| IBM Cloud Orchestrator V2.5, V2.5.0.1 | IBM Business Process Manager Standard 8.5.6 |
| | IBM Tivoli System Automation Application Manager 4.1 |
| | IBM Tivoli System Automation for Multiplatforms 4.1 |
| | IBM DB2 Enterprise Server Edition 10.5.0.6 |
| IBM Cloud Orchestrator V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3 | IBM Business Process Manager Standard 8.5.6 |
| | IBM Tivoli System Automation Application Manager 4.1 |
| | IBM Tivoli System Automation for Multiplatforms 4.1 |
| | IBM DB2 Enterprise Server Edition 10.5.0.6 |
| IBM SmartCloud Orchestrator V2.3 and V2.3.0.1 from Interim Fix 1 through Interim Fix 9 | IBM Business Process Manager Standard 8.5 |
| | IBM Tivoli System Automation Application Manager 3.2.2.2 |
| | IBM Tivoli System Automation for Multiplatforms 3.2.2 |
| | IBM DB2 Enterprise Server Edition 10.1.0.5 |


from IBM Product Security Incident Response Team http://ift.tt/29OHcyw