High Severity

IBM Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710)

Share this post:

A vulnerability in the Service Assistant GUI affects IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. The Service Assistant CLI interface is unaffected.

CVE(s): CVE-2017-1710

Affected product(s) and affected version(s):

IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM FlashSystem V9000

All products are affected when running supported release 8.1.0.0 only. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010788
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134531

More stories

IBM Security Bulletin: Publicly disclosed vulnerability in Oracle Outside In Technology used by IBM FileNet Content Manager

Jan 17, 2019 9:01 am EST | High Severity

Multiple vulnerabilities may affect Oracle Outside In Technology (OIT) Version 8.5.3 used by IBM FileNet Content Manager. Oracle OIT issues disclosed in the Oracle October 2018 Critical Patch Update. CVE(s): CVE-2018-18224, CVE-2018-3227, CVE-2018-3226, CVE-2018-3218, CVE-2018-3229, CVE-2018-3217, CVE-2018-3228, CVE-2018-3219, CVE-2018-3230, CVE-2018-3232, CVE-2018-3221, CVE-2018-3231, CVE-2018-3220, CVE-2018-3223, CVE-2018-3234, CVE-2018-3233, CVE-2018-3222, CVE-2018-3225, CVE-2018-3302, CVE-2018-3224, CVE-2018-3147, CVE-2018-18223 Affected product(s) and ...read more


IBM Security Bulletin: B2B Advanced Communications is Affected by Multiple Vulnerabilities in IBM Java Runtime

Jan 17, 2019 9:00 am EST | High Severity

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 Service Refresh 10 Fix Pack 15 that is used by IBM B2B Advanced Communications. These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. CVE(s): CVE-2018-2579, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678, CVE-2018-2602, CVE-2018-2603, CVE-2018-2657, CVE-2018-2637, CVE-2018-2633, ...read more


IBM Security Bulletin: Asset Analyzer (RAA) is affected by an Apache CXF vulnerability

Jan 15, 2019 9:01 am EST | High Severity

Rational Asset Analyzer (RAA) has addressed the following vulnerability. CVE(s): CVE-2018-8039 Affected product(s) and affected version(s): Affected Versions Rational Asset Analyzer 6.1.0.0 – 6.1.0.18 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10744591X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145516 ...read more