High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547) Security Bulletin

Share this post:

Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) on AIX and Linux.

CVE(s): CVE-2018-1890, CVE-2018-12547

Affected product(s) and affected version(s):
The following IBM FlashCopy Manager (IBM Spectrum Protect Snapshot (fomerly Tivoli Storage FlashCopy Manager) components on Unix and Linux are affected:

  • IBM Spectrum Protect Snapshot for DB2 versions on AIX and Linux x86 only:
    – 8.1.0.0 through 8.1.6.0
    – 4.1.0.0 through 4.1.6.2
  • IBM Spectrum Protect Snapshot for Custom Applications versions on AIX and Linux x86 only:
    – 8.1.0.0 through 8.1.6.0
    – 4.1.0.0 through 4.1.6.2
  • IBM Spectrum Protect Snapshot for Oracle versions on AIX and Linux x86 only:
    – 8.1.0.0 through 8.1.6.0
    – 4.1.0.0 through 4.1.6.2
  • IBM Spectrum Protect Snapshot for Oracle with SAP environments versions on AIX and Linux x86 only:
    – 8.1.0.0 through 8.1.6.0
    – 4.1.0.0 through 4.1.6.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10885230
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512

More stories

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Sep 24, 2021 8:00 pm EDT | High Severity

The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 68. ...read more


Security Bulletin: Integrated application server and integrated web services for IBM i are affected by CVE-2021-35517 and CVE-2021-36090

Sep 24, 2021 8:00 pm EDT | High Severity

There are multiple vulnerabilities in the Apache Commons Compress library as described in the vulnerability details section. The Apache Commons Compress library is used by WebSphere Application Server Liberty on IBM i. WebSphere Application Server Liberty is the runtime that is used by integrated application server and integrated web services server. IBM i has addressed the vulnerability in the WebSphere Application Server Liberty implementation. ...read more


Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Sep 23, 2021 8:00 pm EDT | High Severity

Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. ...read more