Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software

Summary This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Axios Vulnerability: Addressed an issue that could potentially cause SSRF and credential leakage server and...

Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software

Summary This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Cross-Site Scripting XSS Vulnerability: Addressed an issue that could allow an attacker to inject malicious...

Security Bulletin: TSM client metadata local unauthorized access (CVE-2013-6335)

Summary IBM Tivoli Storage Manger TSM for Space Management files can be restored incorrectly by the TSM Backup-Archive client, potentially allowing unauthorized local access to those files. Vulnerability Details CVE ID: CVE-2013-6335 Description: The file metadata of TSM for Space Management file...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM CommonStore and IBM Content Collector (CVE-2014-4244, CVE-2014-4263)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 6 that are used by IBM CommonStore for Lotus Domino and IBM Content Collector. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in SSLv3 affects IBM CommonStore and IBM Content Collector (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM CommonStore for Lotus Domino and IBM Content Collector. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remo...

Security Bulletin: Vulnerability in SSLv3 affects IBM InfoSphere Optim Configuration Manager (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that is referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM® InfoSphere® Optim™ Configuration Manager. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: IBM InfoSphere Optim Configuration Manager...