IBM Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2016-8919)
Sep 29, 2017 10:00 am EDT
Categorized: Medium Severity
Share this post:
There is a security vulnerability in WebSphere Application Server, IBM Business Process Manager, and IBM Tivoli System Automation Application Manager that is shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise. Additionally, the vulnerability affects Jazz™ for Service Management and IBM Tivoli Monitoring, which are shipped with Cloud Orchestrator Enterprise.
CVE(s): CVE-2016-8919
Affected product(s) and affected version(s):
Principal Product and Version(s) | Affected Supporting Product and Version |
IBM Cloud Orchestrator V2.5, V2.5.0.1, V2.5.0.2, V2.5.0.3 |
|
IBM Cloud Orchestrator V2.4, V2.4.0.1, V2.4.0.2,V2.4.0.3, V2.4.0.4 |
|
IBM Cloud Orchestrator V2.3, V2.3.0.1 |
|
IBM Cloud Orchestrator Enterprise V2.5, V2.5.0.1, V2.5.0.2, V2.5.0.3 |
|
IBM Cloud Orchestrator Enterprise V2.4, V2.4.01, V2.4.0.2,V2.4.0.3 |
|
IBM Cloud Orchestrator Enterprise V2.3, V2.3.0.1 |
|
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2yMyJrt
X-Force Database: http://ift.tt/2iIIHRy
from IBM Product Security Incident Response Team http://ift.tt/2yMCgpV