IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware

There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by Tivoli Storage Manager for Virtual Environments (IBM Spectrum Protect for Virtual Environments): Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware. These issues were disclosed as part of the IBM Java SDK updates in January 2017.

CVE(s): CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-2183

Affected product(s) and affected version(s):

The following levels of Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (IBM Spectrum Protect for Virtual Environments) are affected:

  • 8.1.0.0 through 8.1.0.1
  • 7.1.0.0 through 7.1.6.4
  • 6.4.0.0 through 6.4.3.5

The following levels of FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware are affected:

  • 4.1.0.0 through 4.1.6.1
  • 3.2.0.0 through 3.2.0.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2smxgUE
X-Force Database: http://ift.tt/2lA4akm
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2smxg76