IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2016-5573, CVE-2016-5597)

IBM® SDK Java™ Technology Edition, which is shipped with IBM Cloud Orchestrator, contains multiple vulnerabilities. These issues were disclosed as part of the IBM Java SDK updates in October 2016. They may affect some configurations of IBM WebSphere Application Server, IBM Business Process Manager, and IBM Tivoli System Automation Application Manager, which are shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise. They also affect Jazz for Service Management and IBM Tivoli Monitoring, which are shipped with Cloud Orchestrator Enterprise.

CVE(s): CVE-2016-5573, CVE-2016-5597

Affected product(s) and affected version(s):

Principal Product and Version(s) / Affected Supporting Product and Version
IBM Cloud Orchestrator V2.5, V2.5.0.1, V2.5.0.2
  • WebSphere Application Server V8.5.5 through V8.5.5.7
  • IBM Business Process Manager Standard V8.5.5 – V8.5.6.2
  • IBM Tivoli System Automation Application Manager 4.1
IBM Cloud Orchestrator V2.4, V2.4.01, V2.4.0.2, V2.4.0.3
  • WebSphere Application Server V8.5.0.1 through V8.5.5.7
  • IBM Business Process Manager Standard V8.5.0.1
  • IBM Tivoli System Automation Application Manager 4.1
IBM Cloud Orchestrator V2.3, V2.3.0.1
  • IBM WebSphere Application Server V8.0, V8.0.11
  • IBM Business Process Manager Standard V8.5.0.1
IBM Cloud Orchestrator Enterprise V2.5, V2.5.0.1, V2.5.0.2
  • WebSphere Application Server V8.5.5 through V8.5.5.7
  • IBM Business Process Manager Standard V8.5.5 – V8.5.6.2
  • IBM Tivoli System Automation Application Manager 4.1
  • IBM Tivoli Monitoring 6.3.0.2
  • Jazz for Service Management 1.1.0.1
IBM Cloud Orchestrator Enterprise V2.4, V2.4.01, V2.4.0.2, V2.4.0.3
  • WebSphere Application Server V8.5.0.1 through V8.5.5.7
  • IBM Business Process Manager Standard V8.5.0.1
  • IBM Tivoli System Automation Application Manager 4.1
  • IBM Tivoli Monitoring 6.3.0.1
  • Jazz for Service Management 1.1.0.1
IBM Cloud Orchestrator Enterprise V2.3, V2.3.0.1
  • IBM WebSphere Application Server V8.0, V8.0.11
  • IBM Business Process Manager Standard V8.5.0.1
  • IBM Tivoli Monitoring V6.3.0.1
  • Jazz™ for Service Management V1.1.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2oQ3Tb9
X-Force Database: http://ift.tt/2eDrVCd
X-Force Database: http://ift.tt/2e5pD2s



from IBM Product Security Incident Response Team http://ift.tt/2pbNrFu