IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs)

There are multiple vulnerabilities in IBM Java SDK, Version 6.0, 7.0 and 8.0 that is used by IBM Tivoli Composite Application Manager for Transactions. These issues were disclosed as part of the IBM Java SDK updates in July 2017.

CVE(s): CVE-2017-10067, CVE-2017-10115, CVE-2017-10074, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10087, CVE-2017-10089, CVE-2017-10107, CVE-2017-10110, CVE-2017-10053, CVE-2017-10108, CVE-2017-10109, CVE-2017-10135, CVE-2017-10243

Affected product(s) and affected version(s):

IBM Tivoli Composite Application Manager (ITCAM) for Transactions : Versions 7.3.x.x to 7.4.x.x are affected

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2haUGZz
X-Force Database: http://ift.tt/2x4YZ1U
X-Force Database: http://ift.tt/2xsr7ZC
X-Force Database: http://ift.tt/2vEUffF
X-Force Database: http://ift.tt/2x52Goj
X-Force Database: http://ift.tt/2x4LWxw
X-Force Database: http://ift.tt/2x4P6Bt
X-Force Database: http://ift.tt/2veVuCa
X-Force Database: http://ift.tt/2x52GEP
X-Force Database: http://ift.tt/2vEW7Fc
X-Force Database: http://ift.tt/2vECPQw
X-Force Database: http://ift.tt/2x4P64r
X-Force Database: http://ift.tt/2wEhie8
X-Force Database: http://ift.tt/2vff6pW
X-Force Database: http://ift.tt/2vEvu3j
X-Force Database: http://ift.tt/2wp6HTz
X-Force Database: http://ift.tt/2vQ1oZY

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2hcBuef