High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control (formerly Tivoli Storage Productivity Center). These issues were disclosed as part of the IBM Java SDK updates for January 2019.

CVE(s): CVE-2019-2426, CVE-2018-12547, CVE-2018-1890

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.17.2
IBM Spectrum Control 5.3.0 – 5.3.2

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10883086
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081

More stories

IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Aug 2, 2019 9:01 am EDT | High Severity

Java SE issues disclosed in the Oracle July 2019 Critical Patch Update, plus four additional vulnerabilities CVE(s): CVE-2019-7317, CVE-2019-2769, CVE-2019-2762, CVE-2019-2816, CVE-2019-2786, CVE-2019-2766, CVE-2019-11772, CVE-2019-11775, CVE-2019-4473, CVE-2019-11771 Affected product(s) and affected version(s):IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 45 and earlier releases IBM SDK, Java Technology Edition, Version 7R1 Service ...read more


IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-5391)

Aug 2, 2019 9:01 am EDT | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. A vulnerability in the Linux kernel, included in IBM Security Identity Governance and Intelligence (IGI), affects the way the Linux kernel handles reassembly of fragmented IPv4 and IPv6 packets. By sending specially crafted IP fragments with random ...read more


IBM Security Bulletin: IBM WebSphere Application Server Security Vulnerabilities Affect IBM Sterling B2B Integrator (CVE-2019-4046, CVE-2018-1902, CVE-2018-10237)

Aug 2, 2019 9:00 am EDT | High Severity

IBM Sterling B2B Integrator Standard Edition has addressed the information disclosure vulnerabilities CVE(s): CVE-2019-4046, CVE-2018-1902, CVE-2018-10237 Affected product(s) and affected version(s):IBM Sterling B2B Integrator 6.0.0.0 – 6.0.1.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888617X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156242X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152531X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142508 ...read more