IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 – July 2018 & October 2018

There are multiple vulnerabilities in IBM® SDK, Java Technology Edition, Versions 7 and 8, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in July 2018 and October 2018.

CVE(s): CVE-2018-1517, CVE-2018-2973, CVE-2018-3139, CVE-2018-3180

Affected product(s) and affected version(s):

All versions of microcode for the IBM Virtualization Engine TS7700 (3957-V07, 3957-VEB, 3957-VEC) prior to and including the following are affected:

Machine Type	Model	Version
3957	V07	8.42.1.8
3957	VEB	8.42.1.8
3957	VEC	8.42.1.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10732035
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146835
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497

The post IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 – July 2018 & October 2018 appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2DkYJ09