IBM Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect the IBM Emptoris Strategic Supply Management suite of products (CVE-2016-3092)

Open Source Apache Tomcat Vulnerabilities affect the IBM Emptoris Strategic Supply Management suite of products. The IBM Emptoris Strategic Supply Management Suite of products includes IBM Emptoris Contract Management, IBM Emptoris Sourcing, IBM Emptoris Spend Analysis and IBM Emptoris Program Management.

CVE(s): CVE-2016-3092

Affected product(s) and affected version(s):

IBM Emptoris Contract Management 9.5 through 10.1.x
IBM Emptoris Program Management 10.0.0 through 10.1.x
IBM Emptoris Sourcing 9.5 through 10.1.x
IBM Emptoris Spend Analysis 9.5 through 10.1.x
IBM Emptoris Supplier Lifecycle Management 10.0.0 through 10.1.x
IBM Emptoris Strategic Supply Management 10.0.0 through 10.1.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2uCYgEk
X-Force Database: http://ift.tt/2bozrA8

The post IBM Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect the IBM Emptoris Strategic Supply Management suite of products (CVE-2016-3092) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2uCvOCh