Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMB8F8FAB6D9387300926404BC53D8D8ADA0A1DADFC7A4CF32B99AAEAF7D05C0A1
HistoryJan 31, 2019 - 1:55 a.m.

Security Bulletin: Vulnerability in IBM Java Runtime affects IBMTivoli Monitoring, Tivoli Application Dependency Discovery Manager, IBM Systems Director and Tivoli Common Reporting with IBM System Director Editions (CVE-2015-0138)

2019-01-3101:55:01
www.ibm.com
8
JSON

Summary

IBM Tivoli Monitoring, Tivoli Application Dependency Discovery Manager, IBM System Director and Tivoli Common Reporting are shipped as components of IBM System Director Editions. Information about the security vulnerability affecting these components hasbeen published in the security bulletin.

Vulnerability Details

Summary

IBM Tivoli Monitoring, Tivoli Application Dependency Discovery Manager, IBM System Director and Tivoli Common Reporting are shipped as components of IBM System Director Editions. Information about the security vulnerability affecting these components has been published in the security bulletin.

Vulnerability Details:

Please consult the security bulletins listed below for the vulnerability details of the affected products.

Affected products and versions

Affected Product and Version(s) Product and Version shipped as a component Security Bulletin
IBM System Director Editions 6.2.0.0 IBM Tivoli Monitoring6.2.2.02. base FP2 (TEPS, TDW, TCR) <http://www-01.ibm.com/support/docview.wss?uid=swg21701519&gt;
IBM System Director Editions 6.2.0.0 Tivoli Application Dependency Discovery Managerv7.2 <http://www-01.ibm.com/support/docview.wss?uid=swg21701949&gt;
IBM System Director Editions 6.2.0.0 Tivoli Common Reporting1.3 <http://www-01.ibm.com/support/docview.wss?uid=swg21903299&gt;
IBM System Director Editions 6.2.0.0 IBM System Director 6.2.0.0 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5097735
IBM System Director Editions 6.2.1.0 IBM Tivoli Monitoring6.2.2 (TEPS, TDW, TCR) <http://www-01.ibm.com/support/docview.wss?uid=swg21701519&gt;
IBM System Director Editions 6.2.1.0 Tivoli Application Dependency Discovery Managerv7.2 <http://www-01.ibm.com/support/docview.wss?uid=swg21701949&gt;
IBM System Director Editions 6.2.1.0 Tivoli Common Reporting1.3 <http://www-01.ibm.com/support/docview.wss?uid=swg21903299&gt;
IBM System Director Editions 6.2.1.0 IBM System Director 6.2.1.0 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5097735
IBM System Director Editions 6.3.0.0 IBM Tivoli Monitoring6.2.3 (TEPS, TDW, TCR) <http://www-01.ibm.com/support/docview.wss?uid=swg21701519&gt;
IBM System Director Editions 6.3.0.0 Tivoli Application Dependency Discovery Managerv7.2.1 <http://www-01.ibm.com/support/docview.wss?uid=swg21701949&gt;
IBM System Director Editions 6.3.0.0 Tivoli Common Reporting2.1.1 <http://www-01.ibm.com/support/docview.wss?uid=swg21903299&gt;
IBM System Director Editions 6.3.0.0 IBM System Director 6.3.0.0 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5097735
IBM System Director Editions 6.3.2.0 IBM Tivoli Monitoring6.3 (TEPS, TDW, TCR) <http://www-01.ibm.com/support/docview.wss?uid=swg21701519&gt;
IBM System Director Editions 6.3.2.0 Tivoli Common Reporting3.1 <http://www-01.ibm.com/support/docview.wss?uid=swg21903299&gt;
IBM System Director Editions 6.3.2.0 IBM System Director 6.3.2.0 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5097735

Workarounds and Mitigations:

None

References:

Related Information:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Acknowledgement

None

Change History
27 May 2015: Original Copy Published

  • The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an “industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Related

ibm 142
aix 1
prion 1
cve 1
nessus 24
openvas 12
suse 8
kaspersky 1
redhat 5
veracode 4
ibm
ibm
Security Bulletin: Vulnerability in IBM WebSphere Application Server affects Tivoli Netcool Impact (CVE-2015-0138)
2018-06-17 14:59:23
Security Bulletin: Vulnerability in IBM Java Runtime affects IBM FileNet Content Manager and IBM Content Foundation (CVE-2015-0138)
2018-06-17 12:10:30
Security Bulletin: Current release of IBM® WebSphere Real Time is affected by CVE-2015-0138
2018-06-15 07:02:42
aix
aix
AIX IBM SDK Java JSSE vulnerability
2015-04-13 12:11:24
prion
prion
Design/Logic Flaw
2015-03-25 01:59:00
cve
cve
CVE-2015-0138
2015-03-25 01:59:00
nessus
nessus
IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 / 6.1.0.0 <= 6.1.0.47 / 6.0.0.0 <= 6.0.2.43 (257477)
2020-12-15 00:00:00
AIX Java Advisory : Multiple Vulnerabilities (Bar Mitzvah)
2015-04-30 00:00:00
IBM DB2 10.5 < Fix Pack 6 Multiple Vulnerabilities (Bar Mitzvah)
2016-04-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1073-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1085-1)
2021-06-09 00:00:00
SUSE: Security Advisory for IBM Java (SUSE-SU-2015:1086-1)
2015-10-16 00:00:00
suse
suse
Security update for java-1_7_0-ibm (important)
2015-06-16 22:06:38
Security update for IBM Java (important)
2015-06-18 16:05:20
Security update for java-1_6_0-ibm (important)
2015-06-30 17:05:18
kaspersky
kaspersky
KLA10503 Multiple vulnerabilities in IBM products
2015-03-24 00:00:00
redhat
redhat
(RHSA-2015:1021) Important: java-1.5.0-ibm security update
2015-05-20 00:00:00
(RHSA-2015:1091) Low: Red Hat Satellite IBM Java Runtime security update
2015-06-11 00:00:00
(RHSA-2015:1020) Critical: java-1.7.1-ibm security update
2015-05-20 00:00:00
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 05:39:14
Sandbox Restrictions Bypass
2019-05-02 05:39:14
Insecure TLS Configurations
2019-05-02 05:39:14
JSON
Related for B8F8FAB6D9387300926404BC53D8D8ADA0A1DADFC7A4CF32B99AAEAF7D05C0A1
ibm142aix1prion1cve1nessus24openvas12suse8kaspersky1redhat5veracode4