IBMFFC5E4A0F00325843ED452EEEF1A1E5C049F9BB2E9C94B95A67E8F94781AD859Security Bulletin: A security vulnerability has been identified in multiple products shipped with IBM Predictive Maintenance and Quality: CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-757
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Summary
IBM WebSphere Application Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services,IBM Integration Bus, IBM ILOG CPLEX Optimization Studio, IBM SPSS Analytic Server and IBM SPSS Modeler are shipped as components of IBM Predictive Maintenance and Quality. Information about a security vulnerability affecting : IBM WebSphere Application Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services,IBM Integration Bus, IBM ILOG CPLEX Optimization Studio, IBM SPSS Analytic Server and IBM SPSS Modeler has been published their respective security bulletins.
Vulnerability Details
Please consult the Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Message Broker and IBM Integration Bus (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM ILOG CPLEX Enterprise Server (CVE-2015-8126 CVE-2016-0494 CVE-2016-0483 CVE-2015-8472 CVE-2016-0475 CVE-2016-0466 CVE-2016-0402 CVE-2015-7575 CVE-2016-0448 CVE-2015-5041 CVE-2015-7981 CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Please consult the Security Bulletin: Vulnerability in IBM Java SDK affects IBM® DB2® LUW (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server January 2016 CPU (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Several vulnerabilities in the libpng component of IBM Cognos Business Intelligence Server (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Vulnerability in in IBM Java Runtime affect IBM SPSS Analytic Server (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Vulnerability in IBM Java affect IBM SPSS Modeler (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Please consult the Security Bulletin: Vulnerability in IBM Java SDK affect IBM SPSS Collaboration and Deployment Services (CVE-2015-8126, CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-5041, CVE-2015-7981, CVE-2015-8540) for vulnerability details and information about fixes.
Affected Products and Versions
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM Predictive Maintenance and Quality 2.0
| IBM Integration Bus V9.0.0.1
IBM DB2 Enterprise Server Edition V10.1.0.3
IBM SPSS Modeler V16.0.0.0
IBM Websphere Application Server V8.5.5.0
IBM Predictive Maintenance and Quality 2.5.0| IBM Integration Bus V9.0.0.2
IBM ILOG CPLEX Optimization Studio V12.6.0.1
IBM DB2 Enterprise Server Edition V10.5.0.4
IBM SPSS Analytic Server V1.0.1.0
IBM SPSS Modeler V16.0.0.1
IBM SPSS Collaboration and Deployment Services V6.0.0.0
IBM Websphere Application Server V8.5.5.3
IBM Predictive Maintenance and Quality 2.5.1| IBM Integration Bus V9.0.0.2
IBM ILOG CPLEX Optimization Studio V12.6.0.1
IBM DB2 Enterprise Server Edition V10.5.0.4
IBM SPSS Analytic Server V2.0
IBM SPSS Modeler V17.0.0.0
IBM SPSS Collaboration and Deployment Services V7.0.0.0
IBM Websphere Application Server V8.5.5.3
IBM Predictive Maintenance and Quality 2.5.2| IBM Integration Bus V9.0.0.2
IBM ILOG CPLEX Optimization Studio V12.6.0.2
IBM DB2 Enterprise Server Edition V10.5.0.5
IBM SPSS Analytic Server V2.0
IBM SPSS Modeler V17.0.0.0
IBM SPSS Collaboration and Deployment Services V7.0.0.1
IBM Websphere Application Server V8.5.5.6
Related
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C