High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security SiteProtector System

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Security SiteProtector System. These issues were disclosed as part of the IBM Java SDK updates in October 2017.

CVE(s): CVE-2017-10356, CVE-2017-10388

Affected product(s) and affected version(s):

IBM Security SiteProtector System 3.0 and 3.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22012707
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133813

More stories

Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Archive Enterprise Edition (CVE-2021-4104)

Jan 26, 2022 7:00 pm EST | High Severity

A vulnerability in Apache Log4j v1 could result in remote code execution. IBM Spectrum Archive Enterprise Edition includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j v1 files. The below fix package includes Apache Log4j 2.17.1. ...read more


Security Bulletin: Vulnerability in Apache Log4j may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2021-4104)

Jan 26, 2022 7:00 pm EST | High Severity

A vulnerability in Apache Log4j (CVE-2021-4104) has been identified that may affect IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data. Several components of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data use Log4j to log diagnostic data unrelated to customer input. The fix below includes Log4j 2.17. ...read more


Security Bulletin: IBM MegaRAID Storage Manager is affected by a vulnerability in Log4j (CVE-2021-4104)

Jan 26, 2022 7:00 pm EST | High Severity

The following vulnerability in Log4j has been addressed by IBM MegaRAID Storage Manager. This fix includes the removal of Log4j. ...read more