Medium Severity

IBM Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 – July 2018 & October 2018

Share this post:

There are multiple vulnerabilities in IBM® SDK, Java™ Technology Edition, Versions 7 and 8, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in July 2018 and October 2018.

CVE(s): CVE-2018-1517, CVE-2018-2973, CVE-2018-3139, CVE-2018-3180

Affected product(s) and affected version(s):

All versions of microcode for the IBM Virtualization Engine TS7700 (3957-V07, 3957-VEB, 3957-VEC) prior to and including the following are affected:

Machine Type Model Version
3957 V07 8.42.1.8
3957 VEB 8.42.1.8
3957 VEC 8.42.1.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10732035
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/146835
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151497

More stories

IBM Security Bulletin: IBM Event Streams is affected by Go vulnerabilities

Jul 17, 2019 9:02 am EDT | Medium Severity

IBM Event Streams has addressed the following vulnerabilities in the Go Runtimes shipped. CVE(s): CVE-2019-9741 Affected product(s) and affected version(s):IBM Event Streams 2018.3.0 IBM Event Streams 2018.3.1 IBM Event Streams 2019.1.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10884414X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158137 ...read more


IBM Security Bulletin: IBM Event Streams is affected by WebSphere Liberty Profile vulnerability CVE-2019-4046

Jul 17, 2019 9:01 am EDT | Medium Severity

IBM Event Streams has addressed the following vulnerability. CVE(s): CVE-2019-4046 Affected product(s) and affected version(s):IBM Event Streams 2018.3.0 IBM Event Streams 2018.3.1 IBM Event Streams 2019.1.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888065X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156242 ...read more


IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to File Path Traversal (CVE-2019-4430)

Jul 16, 2019 9:02 am EDT | Medium Severity

IBM Maximo Asset Management is vulnerable to File Path Traversal CVE(s): CVE-2019-4430 Affected product(s) and affected version(s): This vulnerability affects the following versions of the IBM Maximo Asset Management core product, and all other IBM Maximo Industry Solution and IBM Control Desk products, regardless of their own version, if they are currently installed on top ...read more