High Severity

IBM Security Bulletin: Node.js vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518)

Share this post:

Node.js denial of service vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center).

CVE(s): CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Spectrum Control 5.3.0 – 5.3.3

Note that the 5.2 release is not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1071852
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164638
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164903
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164639
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164640
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165181
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165182
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/165183
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/164904

More stories

IBM Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities.

Oct 21, 2019 9:02 am EDT | High Severity

Security Bulletin: Version 8.15.0 of Node.js included in IBM Cloud Event Management 2.3.0 has several security vulnerabilities). CVE(s): CVE-2019-9516, CVE-2019-9515, CVE-2019-9518, CVE-2019-9517, CVE-2019-9512, CVE-2019-9511, CVE-2019-9514, CVE-2019-9513 Affected product(s) and affected version(s): IBM Cloud Event Management on IBM Cloud Private Version 2.3.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www.ibm.com/support/pages/node/1078209X-Force ...read more


IBM Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition is affected by HTTP Server vulnerabilities

Oct 21, 2019 9:01 am EDT | High Severity

IBM HTTP Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. CVE(s): CVE-2019-0211, CVE-2019-0220 Affected product(s) and affected version(s): Principal Product and Version(s) Affected Supporting Product and Version IBM Cloud Orchestrator and IBM ...read more


IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cloud Private

Oct 15, 2019 9:03 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Cloud Private. IBM Cloud Private has addressed the applicable CVEs. CVE(s): CVE-2019-2766, CVE-2019-2786, CVE-2019-2816, CVE-2019-2762, CVE-2019-2769, CVE-2019-4473 Affected product(s) and affected version(s): IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source ...read more