Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Tue Apr 16 10:52:12 CDT 2019 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajan2019advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajan2019advisory.asc...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-3180)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Elastic Storage Server. This issue was disclosed as part of the IBM Java SDK updates in Oct 2018. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An unspecified vulnerability in Oracle Java SE...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Watson Assistant on IBM Cloud Private

Summary There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Technology Edition, Version 8, used by IBM Watson™ Assistant for IBM Cloud Private. The issues were disclosed as part of the IBM Java SDK updates for October 2018. Vulnerability Details CVEID: CVE-2018-3139...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Integration Designer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and Version 8 that affect IBM Integration Designer for IBM Business Process Manager BPM and IBM Business Automation Workflow. Integration Designer has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server in IBM Cloud January 2019 CPU

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in January 2019. These may affect some configurations of IBM WebSphere Application Server Traditional...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-3139 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Access Manager for Enterprise Single Sign-On

Summary These issues were also addressed by IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On. Vulnerability Details CVEID: CVE-2019-2426 DESCRIPTION: An unspecified vulnerability related to the Java SE Networking component could allow an...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Process Manager

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 8 used by IBM Spectrum LSF Process Manager. IBM Spectrum LSF Process Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-11212 DESCRIPTION: libjpeg is vulnerable to a denial of service,...

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM SPSS Analytic Server (CVE-2017-10356, CVE-2017-10388)

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Libraries component could allow an unauthenticated attacker to take control of the system. Vulnerability Details CVEID: CVE-2017-10356 DESCRIPTION: An unspecified vulnerability in Oracle Java SE relate...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Identity Manager Virtual Appliance

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and IBM® Runtime Environment Java™ Version 7 used by IBM Security Identity Manager Virtual Appliance. IBM Security Identity Manager Virtual Appliance has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Z Open Development (CVE-2018-3180)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition that is used by IBM Z Open Development. The issue was disclosed as part of the IBM Java SDK updates in October 2018. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 7 used by IBM Spectrum LSF Analytics. These issues were disclosed as part of the IBM Java SDK updates in January 2019. Vulnerability Details CVEID: CVE-2018-11212 DESCRIPTION: libjpeg is vulnerable to a denial of...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation.

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Version 6 and 7 used by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation. These issues were disclosed as part of the IBM Java SDK...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Operations Analytics Predictive Insights January 2019 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 10 Fix Pack 1 that is used by IBM Operations Analytics Predictive Insights 1.3.5 and earlier. There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refre...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2018-1890, CVE-2018-12547)

Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center have addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java...

Security Bulletin: Vulnerabilities identified in IBM® Java SDK affect WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio (CVE-2018-12547 and CVE-2019-2426)

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 used by WebSphere Service Registry and Repository and WebSphere Service Registry and Repository Studio. These issues were disclosed as part of the IBM Java SDK updates in January 2019. These issues are also addressed b...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server January 2019 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in January 2019. Vulnerability Details For information on the IBM Java SDK that is now bundled with...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server July 2018 CPU

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in July 2018. These may affect some configurations of IBM WebSphere Application Server...

CVE-2019-0729

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'...

CVE-2019-0729

The CVE-2019-0729 entry concerns Microsoft Azure IoT Java SDK. The connected MSRC advisory specifies the root cause as improper randomness in symmetric key generation, enabling an attacker to derive/predict the generated keys and gain elevated privileges. Affected component: Azure IoT Java SDK (k...