IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring
Jul 29, 2019 9:02 am EDT
Categorized: High Severity
Share this post:
There are several vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components.
CVE(s): CVE-2019-10245, CVE-2019-2684, CVE-2019-2602, CVE-2019-2697, CVE-2019-2698, CVE-2018-1890, CVE-2019-2422, CVE-2019-2426, CVE-2018-11212
Affected product(s) and affected version(s):
The following components of IBM Tivoli Monitoring (ITM) are affected by this bulletin:
-Java (CANDLEHOME) ITM 6.3.0 through 6.3.0 Fix Pack 7 (JRE 7) (CVE-2018-1890, CVE-2019-2426, CVE-2019-2697 and CVE-2019-2684)
-Java (Tivoli Enterprise Portal client browser or webstart) ITM 6.3.0 through 6.3.0 Fix Pack 7 (All CVE’s listed)
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10959883
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160010
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159789
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159790
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155741
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143429
from IBM Product Security Incident Response Team https://ift.tt/2SS0cCv