CVE-2017-1794

IBM Tivoli Monitoring Enterprise Portal is vulnerable to TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. Affected: Enterprise Portal Server 6.2.3 (Fix Pack 5) and 6.3.0 (Fix Pack 7). Root cause is memory growth that can be exploited to escalate pr...

Security Bulletin: IBM Tivoli Monitoring Agent Framework component. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9843)

Summary IBM Tivoli Monitoring uses zlib compression library in both the General services library and the File Transfer component. This bulletin address several reported vulnerabilities in the zlib compression library. Vulnerability Details CVEID: CVE-2016-9840 DESCRIPTION: zlib is vulnerable to a...

Security Bulletin: IBM Tivoli Monitoring Basic Services component. (CVE-2012-6702, CVE-2016-5300)

Summary IBM Tivoli Monitoring uses Expat parser for parsing various configuration xml files as well as parsing soap requests. Vulnerability Details CVEID: CVE-2012-6702 DESCRIPTION: Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, could provide weaker than...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring

Summary There are several vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. Vulnerability Details CVEID: CVE-2016-5568 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the AWT component has high...