IBM Security Bulletin: B2B Advanced Communications is Affected by Multiple Vulnerabilities in IBM Java Runtime

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 15 that is used by IBM B2B Advanced Communications. These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018.

CVE(s): CVE-2018-2579, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678, CVE-2018-2602, CVE-2018-2603, CVE-2018-2657, CVE-2018-2637, CVE-2018-2633, CVE-2018-2783

Affected product(s) and affected version(s):

IBM B2B Advanced Communications 1.0.0.2 – 1.0.0.6_2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10793713
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137833
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137917
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137932
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137933
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137910
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137885
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939

The post IBM Security Bulletin: B2B Advanced Communications is Affected by Multiple Vulnerabilities in IBM Java Runtime appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2MimKsF