High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control (formerly Tivoli Storage Productivity Center). These issues were disclosed as part of the IBM Java SDK updates for January 2019.

CVE(s): CVE-2019-2426, CVE-2018-12547, CVE-2018-1890

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.17.2
IBM Spectrum Control 5.3.0 – 5.3.2

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10883086
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152081

More stories

IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Connect:Direct for UNIX

Jun 15, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8.0.5.25, 8.0.5.20, and 7.0.10.30, used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. CVE(s): CVE-2018-12547, CVE-2018-1890 Affected product(s) and affected version(s): IBM Sterling Connect:Direct for Unix 6.0.0 IBM Sterling Connect:Direct for Unix 4.3.0 IBM Sterling Connect:Direct for ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for SAP Applications

Jun 14, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 used by IBM Content Collector for SAP Applications. CVE(s): CVE-2018-12547, CVE-2019-2422, CVE-2019-2426 Affected product(s) and affected version(s):IBM Content Collector for SAP Applications 4.0.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880993X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157512X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155741X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155744 ...read more


IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime Affect IBM Sterling Secure Proxy

Jun 14, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. These issues were disclosed as part of the IBM Java SDK updates in January 2019. CVE(s): CVE-2018-12547, CVE-2018-1890, CVE-2019-2426 Affected product(s) and affected version(s): IBM Sterling Secure Proxy 6.0.0.0 through 6.0.0.0 iFix 1 IBM Sterling Secure Proxy 3.4.3.0 ...read more