IBM Security Bulletin: Bypass security vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2014-7810)

Jan 30, 2019 9:00 am EST

Categorized: Medium Severity

Share this post:

There is a potential bypass security vulnerability in the expression language library used by WebSphere Application Server which affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).

CVE(s): CVE-2014-7810

Affected product(s) and affected version(s):

Affected ProductAffected Versions
IBM Tivoli Storage Productivity Center5.2.0 – 5.2.7.1
IBM Spectrum Control5.2.8 – 5.2.17.1
IBM Spectrum Control5.3.0

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10738367
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103155



from IBM Product Security Incident Response Team https://ibm.co/2sXJmWS