High Severity

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Monitoring. IBM Monitoring has addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Application Diagnostics 8.1.3
IBM Monitoring 8.1.3
IBM Application Performance Management Advanced 8.1.3
IBM Application Performance Management 8.1.3
IBM Cloud Application Performance Management, Base Private 8.1.4
IBM Cloud Application Performance Management, Advanced Private 8.1.4
IBM Cloud Application Performance Management  

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1107879

More stories

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU – Jan 2020 – Includes Oracle Jan 2020 CPU minus CVE-2020-2585, CVE-2020-2654, and CVE-2020-2590

May 30, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8** that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Jan 2020. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Conductor and IBM Spectrum Conductor with Spark

May 29, 2020 8:00 pm EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3.0, and IBM Spectrum Conductor with Spark 2.2.1. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1 have addressed the applicable CVEs. ...read more


Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability.

May 28, 2020 8:00 pm EDT | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. Hard coded credentials have been removed from the IBM Security Directory Integrator version used by IBM Security Identity Governance and Intelligence. ...read more