IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-1000031)
A vulnerability in Apache Commons FileUpload affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center). Apache Commons FileUpload, as used in IBM WebSphere Liberty and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in the DiskFileItem class of the FileUpload library. IBM Spectrum Control and Tivoli Storage Productivity Center have addressed the applicable CVE.
CVE(s): CVE-2016-1000031
Affected product(s) and affected version(s):
IBM Spectrum Control 5.2.8 through 5.2.15.2
Tivoli Storage Productivity Center 5.2.0 through 5.2.7.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22013943
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117957
This bulletin first appeared on the IBM PSIRT Blog, from the IBM Product Security Incident Response Team: http://ift.tt/2HlRsha