IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in Jul 2017

CVE(s): CVE-2017-10102, CVE-2017-10115, CVE-2017-10116

Affected product(s) and affected version(s):

The following releases are affected:

ITNCM 6.4.2.0 – 6.4.2.4
ITNCM 6.4.1.0 – 6.4.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22007398
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128863
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128876
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128877

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2rCjxhd