IBM Security Bulletin: Multiple IBM SDK Java™ Technology Edition, Version 6 security vulnerabilities addressed in Tivoli Endpoint Manager for Remote Control

Share this post:

Tivoli Endpoint Manager for Remote Control deploys IBM SDK Java™ Technology Edition Version 6 as part of the server deployment and the controller installation. These vulnerabilities are only applicable where untrusted code maybe be executed using these deployed Java bundles.

CVE(s):CVE-2013-5457, CVE-2013-4041, CVE-2013-5375, CVE-2013-5372, CVE-2013-1500, CVE-2013-2412, CVE-2013-3829, CVE-2013-4002, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789, CVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5840, CVE-2013-5842, CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5878, CVE-2013-5888, CVE-2013-5889, CVE-2013-5896, CVE-2013-5898, CVE-2013-5899, CVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375, CVE-2014-0376, CVE-2014-0387, CVE-2014-0403, CVE-2014-0411, CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0422, CVE-2014-0423, CVE-2014-0424, CVE-2014-0428, CVE-2013-2407, CVE-2013-2437, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3007, CVE-2013-3009, CVE-2013-3011, CVE-2013-3012 and CVE-2013-3743

Affected product(s) and affected version(s):

Tivoli Endpoint Manager for Remote Control version 8.2.1 and version 8.2.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21659761
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85062
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85059
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87986
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85260
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/86416
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/86662
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/86901
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88256
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87999
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87992
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87960
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87987
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88005
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87967
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87968
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88006
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87991
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87982
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88008
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87962
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87985
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87964
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87969
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87993
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87994
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87996
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87989
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87965
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87988
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87963
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87961
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87995
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87972
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87998
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87970
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87971
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88000
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/88003
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/87973
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90335
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90354
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90328
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90347
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90356
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90346
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90324
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90352
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90351
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90334
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90339
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90350
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90332
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90338
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90357
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90323
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90349
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90331
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90326
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90340
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90333
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/90325
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85044
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85049
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85054
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85048
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85056
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85040
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85057
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85061
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85055
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85053
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85045
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84146
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85058
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85052
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85033
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85029
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85030
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85031
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85035
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85034
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85032
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85025
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85026
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85027
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85028
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84148
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84150
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84152
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84153
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/85036

More stories

IBM Product Security Incident Response

Acknowledgement

Aug 2, 2019 9:00 am EDT

IBM acknowledges and thanks the security researchers and organizations listed below for reporting and working with us to resolve one or more security vulnerabilities in our products and services. Disclosures for 2019 Danang Tri Atmaja Neil Kettle, (Trustwave) Rich Mirch Steve Petz   Disclosures for 2018 Artem Metla Cody Wass, (NetSPI) David Azria, Alex Mor, ...read more


IBM Addresses Reported Intel Security Vulnerabilities

May 20, 2019 4:34 pm EDT

In May 2019, Microarchitectural Data Sampling (MDS) side channel attack variants were disclosed (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091). These security vulnerabilities made public by Intel have the potential to allow an attacker running code on the same physical CPU to read other data being processed by that CPU. There are no known exploits at this ...read more


Potential Impact on Processors in the POWER Family

May 14, 2019 6:30 pm EDT

In January 2018, three security vulnerabilities were made public that allow unauthorized users to bypass the hardware barrier between applications and kernel memory. These vulnerabilities all make use of speculative execution to perform side-channel information disclosure attacks. The first two vulnerabilities, CVE-2017-5753 and CVE-2017- 5715, are collectively known as Spectre, and allow user-level code to ...read more