High Severity

IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1904)

Share this post:

There is a potential remote code execution vulnerability in WebSphere Application Server which affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).

CVE(s): CVE-2018-1904

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.13

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Note that 5.3 versions of IBM Spectrum Control are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10793725
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152533

More stories

IBM Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Jan 23, 2019 9:01 am EST | High Severity

Multiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. CVE(s): CVE-2018-0734, CVE-2018-0735, CVE-2018-5407, CVE-2018-12116, CVE-2018-12123, CVE-2018-12120, CVE-2018-12121, CVE-2018-12122 Affected product(s) and affected version(s): Rational Application Developer 9.1 Rational ...read more


IBM Security Bulletin: Server Automation is affected by the following vulnerabilities exposures (CVE-2018-8039, CVE-2018-1683, CVE-2018-1755)

Jan 23, 2019 9:01 am EST | High Severity

Server Automation has addressed the following vulnerabilities against the REST module. CVE(s): CVE-2018-8039, CVE-2018-1683, CVE-2018-1755 Affected product(s) and affected version(s): Server Automation REST module, Version 9.5.49 or older. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743011X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145516X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145455X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148597 ...read more


IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Jan 23, 2019 9:01 am EST | High Severity

OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for ...read more