IBM Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server

The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring (ITM) portal server.

CVE(s): CVE-2015-0899, CVE-2012-5783, CVE-2018-1643, CVE-2018-1567, CVE-2018-1621, CVE-2018-1695, CVE-2018-1770, CVE-2018-1797, CVE-2014-7810

Affected product(s) and affected version(s):
IBM Tivoli Monitoring versions 6.3.0 through 6.3.0 FP7 – Tivoli Enterprise Portal Server (TEPS) all CVEs above.

IBM Tivoli Monitoring versions 6.2.3 through 6.2.3 FP5 – Tivoli Enterprise Portal Server (TEPS) all CVE’s except for CVE-2018-1643 and CVE-2018-1797

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10796180
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/101770
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/79984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144588
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143024
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144346
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145769
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148686
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/149427
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103155

The post IBM Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2GuSSIR