IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin and Agent
There are multiple vulnerabilities related to IBM® Runtime Environment Java™ Technology Edition which is used and shipped by different versions of IBM Rational License Key Server Administration and Reporting Tool Admin (ART) and Agent. These issues were disclosed as part of the IBM Java SDK updates in January 2018.
CVE(s): CVE-2018-2633, CVE-2018-2582, CVE-2018-2657, CVE-2018-2599, CVE-2018-2602, CVE-2018-2678, CVE-2018-2677, CVE-2018-2663, CVE-2018-2579
Affected product(s) and affected version(s):
These vulnerabilities impact the following components and their releases:
- RLKS Administration and Reporting Tool version 8.1.4.9
- RLKS Administration and Reporting Tool version 8.1.5
- RLKS Administration and Reporting Tool version 8.1.5.1
- RLKS Administration and Reporting Tool version 8.1.5.2
- RLKS Administration and Reporting Tool version 8.1.5.3
- RLKS Administration Agent version 8.1.4.9
- RLKS Administration Agent version 8.1.5
- RLKS Administration Agent version 8.1.5.1
- RLKS Administration Agent version 8.1.5.2
- RLKS Administration Agent version 8.1.5.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22015226
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137836
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137910
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137851
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137933
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137932
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137917
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
The post IBM Security Bulletin: Security vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin and Agent appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2xNLkyh