High Severity

IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware (CVE-2017-10115, CVE-2017-10116)

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware. These issues were disclosed as part of the IBM Java SDK updates in July 2017.

CVE(s): CVE-2017-10115, CVE-2017-10116

Affected product(s) and affected version(s):

The following levels of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware are affected:

  • 4.1.0.0 through 4.1.6.2
  • 3.2 and below (all levels) – these releases are EOS

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22013067
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128876
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128877

More stories

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Dec 3, 2020 7:00 pm EST | High Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more


Security Bulletin: Upgrade javaenv:2.2 to address Gradle oauth authentication concerns.

Dec 3, 2020 7:00 pm EST | High Severity

The version of Gradle shipped in the Fabric java chaincode environment image version 2.2. (javaenv.2.2) depends on a vulnerable version of the google ouatth client. ...read more