High Severity

IBM Security Bulletin: Multiple vulnerabilities in WebSphere Application Server Liberty affect IBM Spectrum Protect for Workstations Central Administration Console (CVE-2014-7810, CVE-2018-8039, CVE-2018-1901)

Share this post:

IBM WebSphere Application Server Liberty is affected by Apache Tomcat, Apache CXF, and elevation of privileges vulnerabilities which affect the IBM Spectrum Protect for Workstations (formerly Tivoli Storage Manager FastBack for Workstations) Central Administration Console (CAC).

CVE(s): CVE-2014-7810, CVE-2018-8039, CVE-2018-1901

Affected product(s) and affected version(s):
IBM Spectrum Protect for Workstations (formerly Tivoli Storage Manager FastBack for Workstations) Central Administration Console levels:

  • 8.1.0.0 through 8.1.2.1
  • 7.1.0.0 through 7.1.8.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10876338
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103155
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145516
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152530

More stories

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jul 2020

Oct 22, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3 and IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.4 to 4.1.0.5. These issues were disclosed as part of the IBM Java SDK updates in July 2020. ...read more


Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Oct 22, 2020 8:00 pm EDT | High Severity

IBM Security Guardium has fixed this vulnerability ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF

Oct 22, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by the z/TPF system. z/TPF has addressed the applicable CVEs. ...read more