Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues due to IBM Runtime Environment Java Technology Edition

Summary IBM Sterling Connect:Direct File Agent uses IBM Runtime Environment Java Technology Edition, Version 7 and 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related ...

Security Bulletin: There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition.

Summary There are multiple vulnerabilities in IBM Semeru Runtime and IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability Details...

Security Bulletin: Vulnerabilities in IBM SDK, Java Technology affect Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software

Summary Vulnerabilities in IBM SDK, Java Technology affect Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software CVE-2023-33850, CVE-2023-22067 Vulnerability Details CVEID:CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to...

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Advanced (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Advanced CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. An update to IBM CICS TX Advanced has been released to addre...

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Standard (CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Standard CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. An update to IBM CICS TX Standard has been released to addre...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle Jan 2024 Critical Patch Update. Vulnerability Details CVEID:CVE-2024-20918 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality impact and...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple vulnerabilities in IBM Java SDK

Summary There are multiple vulnerabilities in IBM Java SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2024

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to February 2024. IBM 8 SR8 FP20 1.8.0401. Vulnerability Details CVEID:CVE-2023-22067 DESCRIPTION:...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU plus CVE-2023-33850

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU is vulnerable to CVE-2023-33850

Summary This bulletin covers all applicable Java SE CVEs published by Oracle as part of their January 2024 Critical Patch Update, plus CVE-2023-33850. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack: Jazz Foundation, IBM Jazz Reporting Service, IBM...

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to remote attack and denial of service due to IBM Runtime Environment Java Technology Edition (CVE-2023-22081, CVE-2023-5676)

Summary IBM Sterling Connect:Direct File Agent uses IBM Runtime Environment Java Technology Edition, Version 7 and 8. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related ...

Security Bulletin: There are multiple vulnerabilities in IBM SDK, Java Technology Edition and Eclipse OpenJ9 that are shipped with CICS Transaction Gateway for Multiplatforms (CVE-2023-22081, CVE-2023-22067 and CVE-2023-5676).

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition and Eclipse OpenJ9 that are shipped with CICS Transaction Gateway for Multiplatforms CVE-2023-22081, CVE-2023-22067 and CVE-2023-5676. An update to CICS Transaction Gateway for Multiplatforms has been released to addre...

Security Bulletin: There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition (CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition that is shipped with CICS Transaction Gateway Desktop Edition CVE-2023-22045 and CVE-2023-22049. An update to CICS Transaction Gateway Desktop Edition has been released to address these vulnerabilities. Vulnerability...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM MQ which is shipped with IBM Intelligent Operations Center.

Summary Multiple security vulnerabilities have been identified in IBM MQ which shipped with IBM Intelligent Operations Center. Information about security vulnerabilities affecting IBM MQ has been published in a security bulletin CVE-2023-5072, CVE-2023-22081, CVE-2023-5676 Vulnerability Details...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Summary CVE-2023-22081 and CVE-2023-22067 were disclosed in the Oracle October 2023 Critical Patch Update. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote attacker to cause no confidentiality impact...

Security Bulletin: CVE-2023-22049 may affect IBM® SDK, Java™ Technology Edition for Content Collector for Email, Content Collector for File Systems and Content Collector for Microsoft SharePoint

Summary CVE-2023-22049 was disclosed in the Oracle July 2023 Quarterly CPU Update. Vulnerability Details CVEID:CVE-2023-22049 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow a remote attacker to cause low integrity impacts. CVSS Base score: 3.7...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager - Oracle October 2023 CPU (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in October 2023. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle July 2023 Critical Patch Update. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. CV...

Security Bulletin: There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Advanced (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049).

Summary There are multiple vulnerabilities in the IBM SDK, Java Technology Edition that is shipped with IBM CICS TX Advanced CVE-2023-22081, CVE-2023-22067, CVE-2023-5676, CVE-2023-22045 and CVE-2023-22049. An update to IBM CICS TX Advanced has been released to address these vulnerabilities...

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition.

Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ for Solaris. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to...