High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 7.0.10.35 used by IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise has addressed the applicable CVEs. These issues were also addressed by IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. These issues were disclosed as part of the IBM Java SDK updates in July 2019.

CVE(s): CVE-2019-7317, CVE-2019-2769, CVE-2019-2762, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-11772, CVE-2019-11775, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):

Principal Product and Version(s)

Affected Supporting Product and Version

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition V2.5, V2.5.0.1, V2.5.02. V2.5.0.3, V2.5.0.4, V2.5.0.5, V2.5.0.6, V2.5.0.7, V2.5.0.8, V2.5.0.9

  • WebSphere Application Server V8.5.5 through V8.5.5.15

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3, V2.4.0.4, V2.4.0.5

  • WebSphere Application Server V8.5.0.1 through V8.5.5.12

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1097673
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156548
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163826
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164479
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

More stories

Security Bulletin: Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU – Oct 2019 – Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Feb 14, 2020 7:00 pm EST | High Severity

There are vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU used by IBM Streams. IBM Streams has addressed the applicable CVEs. ...read more



Security Bulletin: A Security Vulnerability affects IBM Cloud Private – Go (CVE-2019-17596)

Feb 14, 2020 7:00 pm EST | High Severity

A Security Vulnerability affects IBM Cloud Private - Go ...read more