IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-3180, CVE-2018-3139)

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in Oct 2018. There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.4. These issues were disclosed as part of the IBM Java SDK updates in Oct 2018.

CVE(s): CVE-2018-3180, CVE-2018-3139

Affected product(s) and affected version(s):

IBM Tivoli System Automation for Multiplatforms 4.1.0.0 – 4.1.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10742149
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-3180, CVE-2018-3139) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ibm.co/2DgpcvK