Security Bulletin:IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 affects IBM Security Verify Governance, Identity Manager virtual appliance component

Summary Vulnerability in IBM® Java™ SDK Technology Edition Quarterly CPU - Oct 2021 , used by IBM Security Verify Governance, Identity Manager virtual appliance component. IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the applicable CVE. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM® Java™ Runtime may affect IBM Decision Optimization Center (CVE-2022-21360, CVE-2022-21365)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java S...

Security Bulletin: IBM Operations Analytics Predictive Insights is vulnerable to multiple vulnerabilities due to the use of IBM SDK, Java Technology Edition.

Summary IBM SDK, Java Technology Edition Quarterly CPU includes all applicable Java SE CVEs published by Oracle as part of their Quarterly CPU. This IBM SDK, Java Technology EditionQuarterly Update also covers one additional OpenJ9 CVE: CVE-2021-41035. The relevant CVEs CVE-2021-35560,...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, as used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM Virtualization Engine TS7700 has addressed the applicable CVEs. Vulnerabili...

Security Bulletin: CVE-2021-35603 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2021-35603 was disclosed as part of the Oracle October 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2989, CVE-2020-2593 and CVE-2019-4732 )

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for October 2019 and January 2020. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary This bulletin covers all applicable Java SE CVEs published by Oracle as part of their January 2022 Critical Patch Update, except for CVE-2022-21299 which will be covered by a future bulletin. For more information please refer to Oracle's January 2022 CPU Advisory and the X-Force database...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in October 2021. Vulnerability...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2021 - Includes Oracle October 2021 CPU (minus CVE-2021-35550/35561/35603) plus CVE-2021-41035 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in October 2021. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547)

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager on AIX and Linux. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - October 2021 - Includes Oracle October 2021 CPU (minus CVE-2021-35550/35561/35603) plus CVE-2021-41035

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for...

Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Netcool Impact (CVE-2021-2341)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An...

Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition used by IBM Data Studio Client

Summary CVE-2021-2161 was disclosed in the Oracle April 2021 Patch Update. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity...

Security Bulletin: Security Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14781 and CVE-2020-14782 and CVE-2020-14782 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications:...

Security Bulletin: CVE-2021-2341 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2021-2341 was disclosed as part of the Oracle July 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain sensitive information...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - July 2021 - Includes Oracle July 2021 CPU minus CVE-2021-2341 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in July 2021. Vulnerability...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2021 Critical Patch Update Vulnerability Details CVEID: CVE-2021-2388 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to take control of the system. CVSS Base score: 7.5 CV...

Security Bulletin: Vulnerablities in IBM SDK, Java Technology Edition Quarterly.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR10-FP80 and Version 8 SR6-FP25 used by IBM Tivoli Application Dependency Discovery Manager TADDM. These issues were disclosed as part of the IBM Java SDK updates. Vulnerability Details CVEID: CVE-2020-277...

Security Bulletin: A vulnerabbility exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager CVE-2021-2388, CVE-2021-2369, CVE-2021-2432, CVE-2021-2341.

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2, which was disclosed in the Oracle July 2021 Critical Patch Update. Vulnerability Details Refer to the security bulletins listed in the...