Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability in Oracle Java SE

Summary There is a vulnerability in Oracle Java SE used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2023) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects APM Agents for Monitoring

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. This effects all IBM Cloud Application Performance Management agents, all versions. Vulnerability Details CVEID:CVE-2021-28167 DESCRIPTION: Eclipse Openj9 could allow a...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unspecified vulnerabilities due to IBM Runtime Environment Java Technology Edition

Summary IBM Java is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by unspecified vulnerabilities in IBM Java. IBM Sterling Connect:Dire...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSS...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Tue Jul 11 10:46:27 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/javajul2023advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...

Security Bulletin: IBM DataPower Gateway affected by multiple issues in JRE

Summary IBM has addressed the following CVEs, which potentially affect JDBC, IMS Callout and JMS components Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in April 2023, App Connect Professional have addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21930...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified multiple vulnerabilities in Oracle Java SE, Oracle GraalVM Enterprise Edition

Summary Potential unspecified multiple vulnerabilities in Oracle Java SE, Oracle GraalVM Enterprise Edition has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An...

Security Bulletin: Multiple CVEs may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced

Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple CVEs may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard

Summary CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938 and CVE-2023-2597 may affect IBM® SDK, Java™ Technology Edition shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM License Metric Tool. These issues were disclosed as part of the IBM Java SDK updates in Apr 2023. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects TPF Toolkit

Summary A vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ that is used by TPF Toolkit has been addressed. Vulnerability Details CVEID:CVE-2023-21967 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the...

Security Bulletin: IBM Watson Explorer is affected by multiple vulnerabilities in Java

Summary IBM Watson Explorer contains a vulnerable version of Java. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in January...

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2023:2242-2)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2242-2 advisory. - Updated to version jdk8u372 icedtea-3.27.0: - CVE-2023-21930: Fixed an issue in the JSSE component that could allow...

Security Bulletin: Vulnerabilities in Oracle Java SE might affect IBM Spectrum Copy Data Management (CVE-2023-21968, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21937, CVE-2023-21930)

Summary IBM Spectrum Copy Data Management can be affected by vulnerabilities in Oracle Java SE. Vulnerabilities include allowing an unauthenticated and remote attacker to cause high confidentiality impact, high integrity impact, and high availability impact, as described by the CVEs in the...

SUSE SLES15: java-1_8_0-ibm / java-1_8_0-ibm-32bit / java-1_8_0-ibm-alsa / etc (SUSE-SU-2023:2491-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2491-1 advisory. - CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS bsc1210628. -...