Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Summary There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21496 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM App Connect Enterprise and IBM Integration Bus

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Apr 2022 includes Oracle April 2022 CPU. The fix includes IBM Jav...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2022-21299)

Summary There is a vulnerability in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-21299 DESCRIPTION: An unspecified vulnerability in...

Security Bulletin: IBM Tivoli Directory Integrator can be affected by vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager.

Abstract IBM Tivoli Monitoring ships and uses a Java Runtime Environment JRE. This alert addresses several vulnerabilities for the Tivoli Enterprise Portal browser JRE which might allow remote untrusted Java WebStart applications and untrusted Java applets to affect confidentiality, availability...

Security Bulletin: Vulnerability in the JVM (CVE-2013-1500)

Abstract In SmartCloud Provisioning, when AWT code is run, a vulnerability of the JVM can be exploited. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1500 DESCRIPTION: An unspecified vulnerability related to the Java Runtime Environment 2D component has partial confidentiality impact, partial...

Security Bulletin: Multiple vulnerabilities in InfoSphere Optim Performance Manager due to vulnerabilities in IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443)

Abstract IBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment JRE and might be affected by vulnerabilities in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability in Oracle Java within the JSSE component could allow ...

Security Bulletin: IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway can be affected by three vulnerabilities in the Websphere IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU February 2013.

Abstract The IBM WebSphere Partner Gateway is shipped with an IBM Java SDK that is based on the Oracle SDK. The February 2013 Oracle Critical Patch Updates CPU contained various security vulnerability fixes for the Oracle JDKs. The IBM Java SDK that WebSphere Partner Gateway ship is similarly...

Security Bulletin: IBM QRadar SIEM and QRadar Risk Manager can be affected by three vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Control Center

Abstract A number of security vulnerabilities have been discovered in the Java Runtime Environment and the Cognos Business Intelligence components included in IBM SCC. Content CVE ID: CVE-2013-1557 DESCRIPTION: Unspecified vulnerability in the Java Runtime Environment JRE related to RMI Remote...

Security Bulletin: CICS Transaction Gateway for Multiplatforms

Abstract Multiple security vulnerablilities exist in the JREs shipped with CICS TG for client applications. CICS TG itself is not vulnerable to these risks but client side applications using the JREs might be. You will need to evaluate your own code to determine if you are vulnerable. Content...

Security Bulletin: Vulnerability in SSLv3 affects IBM Data Studio Web Console (CVE-2014-3566)

Abstract SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Data Studio Web Console. Content Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : IBM Data Studio Web Console could allow a remo...

Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling Secure Proxy (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract The IBM JRE embedded in the IBM Sterling Secure Proxy Configuration Manager has security vulnerabilities that affect SSL connections to the configuration GUI. Content VULNERABILITY DETAILS CVE ID : CVE-2013-0440 DESCRIPTION: A vulnerability in Java Runtime Environment allows remote...

Security Bulletin: InfoSphere Optim Performance Manager affected by vulnerability in IBM JAVA JRE (CVE-2013-0169)

Abstract IBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment JRE and is affected by a vulnerability in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 DESCRIPTION: The TLS protocol does not properly consider timing side-channel attacks, which allows...

Security Bulletin: Multiple vulnerabilities in IBM Rational Policy Tester (CVE-2013-0531, CVE-2013-0440, CVE-2013-4062, CVE-2013-4061, CVE-2013-2407)

Abstract Previous releases of IBM Rational Policy Tester are affected by multiple vulnerabilities reported in 3rd party components bundled with the product as well as in proprietary IBM code. These vulnerabilities include Java components, weak cipher suites, invalid certificate warnings and URL...

Security Bulletin: IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway can be affected by vulnerabilities in the Websphere IBM Java Runtime Environment (CVE-2013-2407)

Abstract Vulnerability in the Java Runtime Environment component of Oracle Java SE Content VULNERABILITY DETAILS: DESCRIPTION: CVE-2013-2407 A unspecified vulnerability in the Websphere IBM Java Runtime Environment JRE component allows remote attackers to affect the confidentiality and availabili...

Security Bulletin: TADDM: Vulnerabilities in embedded JRE

Abstract Multiple security vulnerabilities exist in the Java Runtime Environments JREs IBM JRE 5.0 Service Release 15 or earlier, and non-IBM Java 5.0 or earlier, that can affect the security of IBM Tivoli Application Dependency Discovery Manager. Content VULNERABILITY DETAILS: CVEID: CVE-2013-14...

Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling External Authentication Server (CVE-2013-1571, CVE-2013-1500, CVE-2013-0443, CVE-2013-0440, CVE-2013-0169)

Abstract The IBM JRE embedded in the IBM Sterling External Authentication Server has security vulnerabilities in its Javadoc, and in SSL connections to the configuration GUI. Content VULNERABILITY DETAILS CVE ID: CVE-2013-1571 DESCRIPTION: The Javadoc documentation generated for the Sterling...

Security Bulletin: Multiple vulnerabilities in IBM DB2 Performance Expert and IBM InfoSphere Optim Performance Manager due to vulnerabilities in IBM Java Runtime Environment (CVE-2012-1720, CVE-2012-5081).

Abstract DB2® Performance Expert and InfoSphere® Optim™ Performance Manager use the IBM® Java™ Runtime Environment JRE and might be affected by vulnerabilities in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-1720 DESCRIPTION: An unspecified vulnerability in the JRE component allow...