Medium Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (CVE-2018-3180, CVE-2018-3139)

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in October 2018.

CVE(s): CVE-2018-3180, CVE-2018-3139

Affected product(s) and affected version(s):
IBM Tivoli Netcool Configuration Manager 6.4.1.x and 6.4.2.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10876000
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455

More stories

IBM Security Bulletin: This Power System update is being released to address CVE 2018-1992

Mar 20, 2019 10:02 am EDT | Medium Severity

Power9: In response to a buffer overflow vulnerability on the boot loader, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2018-1992. CVE(s): CVE-2018-1992 Affected product(s) and affected version(s):Firmware release FW910 is affected. P9 OpenPOWER releases OP910 and OP920 are affected. Refer to the following reference ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Security Directory Integrator (CVE-2018-2800, CVE-2018-2783)

Mar 20, 2019 10:02 am EDT | Medium Severity

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition Version 7.0 and Version 8.0 that is used by Security Directory Integrator. These issues were disclosed as part of the IBM Java SDK updates in Oct 2018 and Jan 2019 CVE(s): CVE-2018-3180, CVE-2018-1890 Affected product(s) and affected version(s):IBM Tivoli Directory Integrator 7.1.1 IBM Security ...read more


IBM Security Bulletin: Vulnerabilities in WAS traditional and liberty

Mar 20, 2019 10:01 am EDT | Medium Severity

There are vulnerabilities in WAS traditional and liberty used by IBM Streams. IBM Streams has addressed the applicable CVEs. CVE(s): CVE-2014-7810 Affected product(s) and affected version(s): Affected InfoSphere Streams Affected Versions InfoSphere Streams 4.0.1.6 and earlier InfoSphere Streams 3.2.1.6 and earlier IBM Streams 4.1.1.7 and earlier IBM Streams 4.2.1.5 and earlier IBM Streams 4.3.0.0 Refer ...read more