High Severity

IBM Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1904)

Share this post:

There is a potential remote code execution vulnerability in WebSphere Application Server which affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).

CVE(s): CVE-2018-1904

Affected product(s) and affected version(s):

Affected Product Affected Versions
IBM Tivoli Storage Productivity Center 5.2.0 – 5.2.7.1
IBM Spectrum Control 5.2.8 – 5.2.13

The versions listed above apply to all licensed offerings of IBM Spectrum Control.

Note that 5.3 versions of IBM Spectrum Control are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10793725
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152533

More stories

IBM Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Access Manager Appliance

Jun 22, 2019 9:01 am EDT | High Severity

Multiple Security vulnerabilities have been fixed in the 9.0.7 IBM Security Access Manager (ISAM) appliance. CVE(s): CVE-2018-0732, CVE-2018-0739, CVE-2017-3735, CVE-2019-4152, CVE-2019-4151, CVE-2019-4150, CVE-2019-4153, CVE-2019-4156, CVE-2019-4157, CVE-2019-4158, CVE-2019-5953, CVE-2019-9636, CVE-2019-4135, CVE-2013-2197, CVE-2016-10542, CVE-2016-5725, CVE-2018-16850, CVE-2017-7546, CVE-2017-12172, CVE-2016-7048, CVE-2016-0766, CVE-2019-4145 Affected product(s) and affected version(s):ISAM 9.0.1, 9.0.2 9.0.3, 9.0.4, 9.0.5, 9.0.6 ISAM Appliance 9.0.1, 9.0.2 9.0.3, 9.0.4, ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand

Jun 22, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8.0 used by Host On-Demand. Host On-Demand has addressed the applicable CVEs. CVE(s): CVE-2019-2449, CVE-2018-12547 Affected product(s) and affected version(s): Host On-Demand: 12.0, 12.0.0.1, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.0.4.1 Host On-Demand: 13.0, 13.0.1, 13.0.1.1 and 13.0.2 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Vulnerabilities in cURL affect QLogic Virtual Fabric Extension Module for IBM BladeCenter

Jun 22, 2019 9:00 am EDT | High Severity

The following vulnerabilities in cURL have been addressed by QLogic Virtual Fabric Extension Module for IBM BladeCenter. CVE(s): CVE-2018-1000007, CVE-2018-1000005, CVE-2017-8818, CVE-2017-8817, CVE-2017-8816 Affected product(s) and affected version(s): Product Affected Version Qlogic Virtual Fabric Extension Module for IBM BladeCenter Firmware Update 9.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more