IBM Security Bulletin: Vulnerability in IBM WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) CVE-2016-5983

A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Control and Tivoli Storage Productivity Center. IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code with a serialized object from untrusted sources. IBM Spectrum Control and Tivoli Storage Productivity Center have addressed the applicable CVE.

CVE(s): CVE-2016-5983

Affected product(s) and affected version(s):

IBM Spectrum Control 5.2.8 through 5.2.11
Tivoli Storage Productivity Center 5.2.0 through 5.2.7.1

The versions listed above apply to all licensed offerings of IBM Spectrum Control and Tivoli Storage Productivity Center, including IBM SmartCloud Virtual Storage Center Storage Analytics Engine.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hHimTm
X-Force Database: http://ift.tt/2cX6Wuu



from IBM Product Security Incident Response Team http://ift.tt/2hHoYAX