IBM Security Bulletin: Potential security vulnerability in selected fixpacks of WebSphere Application Server affects IBM Emptoris Strategic Supply Management suite of products and IBM Emptoris Services Procurement (CVE-2017-1501)

The IBM Emptoris Strategic Supply Management Suite and IBM Emptoris Services Procurement products are affected by a vulnerability that exists in the IBM WebSphere Application Server . The security bulletin includes issues disclosed as part of the IBM WebSphere Application Server updates. The IBM Emptoris Strategic Supply Management Suite of products which is impacted by this vulnerability includes IBM Emptoris Contract Management, IBM Emptoris Sourcing, IBM Emptoris Spend Analysis and IBM Emptoris Program Management.

CVE(s): CVE-2017-1501

Affected product(s) and affected version(s):

IBM Emptoris Contract Management 9.5 through 10.1.x

IBM Emptoris Program Management 10.0.0 through 10.1.x
IBM Emptoris Sourcing 9.5 through 10.1.x
IBM Emptoris Spend Analysis 9.5 through 10.1.x
IBM Emptoris Services Procurement 10.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2wprHeA
X-Force Database: http://ift.tt/2wPBA21

The post IBM Security Bulletin: Potential security vulnerability in selected fixpacks of WebSphere Application Server affects IBM Emptoris Strategic Supply Management suite of products and IBM Emptoris Services Procurement (CVE-2017-1501) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2wprI28