Medium Severity

IBM Security Bulletin: OpenSSL vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-1559)

Share this post:

An OpenSSL vulnerability was disclosed on February 26, 2019 by the OpenSSL Project. OpenSSL, used by IBM Spectrum Control (formerly Tivoli Storage Productivity Center), has addressed the applicable CVE.

CVE(s): CVE-2019-1559

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.17.2
IBM Spectrum Control 5.3.0 – 5.3.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10880905
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157514

More stories

IBM Security Bulletin: Vulnerability affects IBM Cloud Object Storage SDK Java (June 2019)

Jun 22, 2019 9:01 am EDT | Medium Severity

Vulnerability affects IBM Cloud Object Storage SDK Java. It has been addressed in the latest SDK Java release. CVE(s): CVE-2019-12086 Affected product(s) and affected version(s): CVE-ID Affected SDK Releases CVE-2019-12086 IBM COS SDK Java releases prior to 2.5.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10887529X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/161256 ...read more


IBM Security Bulletin: IBM MessageSight/MessageGateway is affected by the following jQuery vulnerability

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM MessageSight/MessageGateway has addressed the following jQuery vulnerability: CVE-2019-11358: jQuery mishandles jQuery.extend(true, {}, …) CVE(s): CVE-2019-11358 Affected product(s) and affected version(s): Affected IBM MessageSight Affected Versions IBM MessageSight 1.2.0.0 – 1.2.0.3 IBM MessageSight 2.0.0.0 – 2.0.0.2 IBM MessageSight 5.0.0.0 IBM MessageGateway 5.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more


IBM Security Bulletin: IBM API Connect is affected by a denial of service vulnerability in Node.js (CVE-2019-5737)

Jun 20, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2019-5737 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 5.0.0.0-5.0.8.6 IBM API Connect 2018.1-2018.4.1.4 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10882602X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158093 ...read more