IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Process Designer used in IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-5573, CVE-2016-5597, CVE-2016-3485)
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Process Designer in IBM Business Process Manager and WebSphere Lombardi Edition. These issues were disclosed as part of the IBM Java SDK updates in October 2016 and in the IBM Java SDK updates in July 2016.
CVE(s): CVE-2016-5573, CVE-2016-5597, CVE-2016-3485
Affected product(s) and affected version(s):
This vulnerability affects IBM Business Process Manager V7.5.x through V8.5.7.0 and WebSphere Lombardi Edition V7.2.0.x.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2h2vGpm
X-Force Database: http://ift.tt/2eDrVCd
X-Force Database: http://ift.tt/2e5pD2s
X-Force Database: http://ift.tt/2b7G65u
from IBM Product Security Incident Response Team http://ift.tt/2h2kl8L