Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to unspecified vulnerabilities and sensitive information exposure due to IBM Runtime Environment Java Technology Edition Version 8

Summary IBM Java 8 is used by IBM Sterling Connect:Direct for UNIX in product configuration, management, and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by unspecified vulnerabilities and sensitive information exposure due to IBM Java 8. IBM Sterling Connect:Direct for UNI...

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition

Summary IBM Sterling Connect:Direct File Agent uses IBM Runtime Environment Java Technology Edition, Version 7 and 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related ...

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to remote attack and denial of service due to IBM Runtime Environment Java Technology Edition (CVE-2023-22081, CVE-2023-5676)

Summary IBM Sterling Connect:Direct File Agent uses IBM Runtime Environment Java Technology Edition, Version 7 and 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related ...

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to denial of service due to IBM Runtime Environment Java Technology Edition (CVE-2022-21626)

Summary There is a vulnerability in IBM Runtime Environment Java Technology Edition, Version 7 and 8 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2022-21626. Vulnerability Details...

Security Bulletin: IBM MQ Internet Pass-Thru is vulnerable to an issue within IBM® Runtime Environment Java™ Technology Edition, Version 7. (CVE-2021-35603)

Summary IBM MQ Internet Pass-Thru has addressed the following vulnerability in the IBM® Runtime Environment Java™ Technology Edition, Version 7 used by IBM MQ Internet Pass-Thru. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 5 and earlier releases that is used by ITNCM. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016...

Security Bulletin: Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 that is used by IBM Tivoli Netcool Configuration Manager (ITNCM).

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 4 and subsequent releases, as used by ITNCM. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam...

Security Bulletin: IBM Cognos Controller 2018Q3 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Summary This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Business Intelligence Controller. There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 and the IBM® Runtime Environment Java™ Technology Edition, Version 8...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime Technology Edition affect Rational Functional Tester (CVE-2014-3065, CVE-2014-3566, CVE-2014-6511)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 and IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Rational Functional Tester. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3...

Security Bulletin:Multiple vulnerabilities in IBM JRE affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, and Platform HPC(CVE-2016-4003)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6, 7 that is used by IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, and Platform HPC. These issues were disclosed in the Oracle April 2016 Critic...

Security Bulletin: An unspecified JMX component vulnerability affects IBM SPSS Analytic Server (CVE-2016-3427)

Summary The IBM® Runtime Environment Java™ Technology Edition, Version 1.7, that is used by IBM SPSS Analytic Server, contains an unspecified vulnerability related to the JMX component. The vulnerability allows remote attackers to affect confidentiality, integrity, and availability via vectors...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Image Construction and Composition Tool (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Image Construction and Composition Tool. Vulnerability Details CVEID: CVE-2015-0138 DESCRIPTION: A vulnerabilit...