High Severity

IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server

Share this post:

The IBM Spectrum Protect Server is affected by multiple IBM Db2 vulnerabilities that could allow local users to overwrite files owned by the Db2 instance owner, execution of arbitrary code on the system, or an elevation of privileges.

CVE(s): CVE-2018-1452, CVE-2018-1451, CVE-2018-1449, CVE-2018-1450, CVE-2018-1459, CVE-2018-1565, CVE-2018-1515, CVE-2018-1488, CVE-2018-1544, CVE-2018-1566, CVE-2018-1487

Affected product(s) and affected version(s):

These vulnerabilities affect the IBM Spectrum Protect Server 8.1.0.0 through 8.1.6.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10743215
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140046
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140044
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140045
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140210
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141624
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140973
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143023
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140972

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)

May 24, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control (formerly Tivoli Storage Productivity Center). These issues were disclosed as part of the IBM Java SDK updates for January 2019. CVE(s): CVE-2019-2426, CVE-2018-12547, CVE-2018-1890 Affected product(s) and affected version(s): Affected Product Affected Versions IBM Tivoli Storage ...read more


IBM Security Bulletin: Vulnerability in Apache ActiveMQ Affects IBM Control Center (CVE-2019-0222)

May 23, 2019 9:01 am EDT | High Severity

IBM Control center is affected by a Corrupt MQTT frame that can cause broker shutdown in Apache ActiveMQ. CVE(s): CVE-2019-0222 Affected product(s) and affected version(s): IBM Control Center 6.0.0.0 through 6.0.0.2 iFix05 IBM Control Center 6.1.0.0 through 6.1.2.0 iFix01 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10881171X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158686 ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ and IBM MQ Appliance

May 23, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 and 8 used by IBM MQ and IBM MQ Appliance. IBM MQ and IBM Appliance have addressed the applicable CVEs. CVE(s): CVE-2019-2449, CVE-2019-2422, CVE-2018-12549 Affected product(s) and affected version(s): IBM MQ and IBM MQ Appliance 9.1 Long Term Support (LTS) Maintenance levels 9.1.0.1 ...read more