IBM Security Bulletin: IBM Tivoli Monitoring (CVE-2016-4472, CVE-2016-0718)

IBM Tivoli Monitoring utilizes the IBM HTTP Server (IHS) as the default HTTP server for the portal server. IBM HTTP Server is affected by the following CVEs as listed below: CVE-2016-4472, CVE-2016-0718

CVE(s): CVE-2016-4472, CVE-2016-0718

Affected product(s) and affected version(s):

The following IBM Tivoli Monitoring portal server releases (cq component):
IBM Tivoli Monitoring version 6.23 through 6.23 FP5
IBM Tivoli Monitoring version 6.30 through 6.30 FP6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2dFeiqs
X-Force Database: http://ift.tt/2bykBrC
X-Force Database: http://ift.tt/2aA9DSH



from IBM Product Security Incident Response Team http://ift.tt/2cOIV6z