IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect for Enterprise Resource Planning (CVE-2018-1890, CVE-2018-12547)
There are multiple vulnerabilities in IBM® Runtime Environment Java which is used by IBM Spectrum Protect (formerly Tivoli Storage Manager) for Enterprise Resource Planning. These issues were disclosed as part of the IBM Java SDK updates in January 2019.
CVE(s): CVE-2018-1890, CVE-2018-12547
Affected product(s) and affected version(s):
The following levels of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Enterprise Resource Planning are affected:
- 8.1.0.0 through 8.1.6.0 – Data Protection for SAP HANA
8.1.0.0 through 8.1.4.0 – Data Protection for SAP for Db2 and Data Protection for SAP for Oracle - 7.1.3.0 through 7.1.3.1 – Data Protection for SAP HANA, Db2, and Oracle.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10883888
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect for Enterprise Resource Planning (CVE-2018-1890, CVE-2018-12547) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2ZzFnOA