High Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2684, CVE-2019-4473, CVE-2019-11771)

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control (formerly Tivoli Storage Productivity Center). These issues were disclosed as part of the IBM Java SDK updates for April 2019 and July 2019.

CVE(s): CVE-2019-2684, CVE-2019-4473, CVE-2019-11771

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.17.3
IBM Spectrum Control 5.3.0 – 5.3.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/964972
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/163989

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Oct 10, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 used by AIX. AIX has addressed the applicable CVEs. CVE(s): CVE-2019-11775, CVE-2019-11772, CVE-2019-2766, CVE-2019-2786, CVE-2019-2816, CVE-2019-2762, CVE-2019-2769, CVE-2019-7317, CVE-2019-4473, CVE-2019-11771 Affected product(s) and affected version(s): AIX 7.1, 7.2 VIOS 2.2, 3.1 The following fileset levels (VRMF) are vulnerable, if the respective ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SPSS Modeler (CVE-2019-4473,CVE-2019-11771)

Oct 9, 2019 9:02 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version JRE7SR10FP10, JRE8SR4FP10 and JRE8SR5FP25 used by IBM SPSS Modeler on AIX 64-bit pSeries platform. These issues were disclosed as part of the IBM Java SDK updates in July 2019. CVE(s): CVE-2019-4473, CVE-2019-11771 Affected product(s) and affected version(s): IBM SPSS Modeler 17.0.0.1 and earlier IBM SPSS ...read more


IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Oct 8, 2019 9:02 am EDT | High Severity

Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. CVE(s): CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9516, CVE-2019-9513, CVE-2019-9514, CVE-2019-9511, CVE-2019-9512 Affected product(s) and affected version(s): These vulnerabilities affect Node.js v8.15.1 and earlier releases. These vulnerabilities affect Node.js v10.15.2 and earlier releases. These vulnerabilities affect Node.js v12.7.1 and earlier ...read more