Home Unlabelled Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilties

Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilties

By
Thursday, December 19, 2019
Read
Add Comment

Dec 19, 2019 7:00 pm EST

Categorized: High Severity

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in October 2018, January 2019, April 2019, July 2019 and October 2019. IBM Cognos Business Intelligence has addressed the applicable CVEs. Vulnerabilities have been addressed in the following 3rd party software components that are consumed by IBM Cognos Business Intelligence: IBM Websphere Liberty, OpenSSL, Apache HTTP Server, Apache POI, Microsoft C++ Runtime Library, ICU for C++, and OpenSSL An XSRF vulnerability in the IBM Cognos Business Intelligence has also been addressed.

Affected product(s) and affected version(s):

IBM Cognos Business Intelligence 10.2.2

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1142626



from IBM Product Security Incident Response Team https://ift.tt/36Sbi03
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us