IT Service Management

IBM Security Bulletin: Multiple Vulnerabilities in libpng affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-8126, CVE-2015-7981, CVE-2015-8472)

May 15, 2016 7:22 pm EDT

Multiple vulnerabilities have been identified in libpng shipped with IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-8126, CVE-2015-7981, CVE-2015-8472). CVE(s):CVE-2015-8126, CVE-2015-7981, CVE-2015-8472 Affected product(s) and affected version(s): All Releases of IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg2C1000115 ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM) (Multiple CVEs)

May 13, 2016 2:00 pm EDT

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 15 and subsequent releases, that is used by IBM Tivoli Netcool Configuration Manager (ITNCM). These issues were disclosed as part of the IBM Java SDK updates for October 2015. CVE(s):CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4803, CVE-2015-4734, CVE-2015-5006 Affected product(s) ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM SDK Java Technology Edition affect WebSphere Application Server shipped with SmartCloud Provisioning

May 12, 2016 2:00 pm EDT

Multiple vulnerabilities in IBM SDK Java Technology Edition affect WebSphere Application Server shipped with SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Note that product software support discontinuance is approaching as per IBM Withdrawal Announcement 916-016 and ...read more


IBM Security Bulletin:Multiple vulnerabilities in PCRE affect IBM Tivoli Network Manager IP Edition.

May 12, 2016 2:00 pm EDT

Multiple vulnerabilities exist in PCRE v5.x, shipped with IBM Tivoli Network Manager IP Edition. Therefore PCRE 5.38 has been upgraded in IBM Tivoli Network Manager IP Edition. CVE(s):CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8392, CVE-2015-8393, CVE-2015-8380, CVE-2015-8381, CVE-2015-8382, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8394, CVE-2015-8395, CVE-2015-8387, CVE-2015-8388 Affected product(s) and affected version(s): AffectedProduct VRMF APAR Remediation/First Fix Tivoli Network ...read more


IBM Security Bulletin: Multiple vulnerabilities in Samba affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

May 11, 2016 2:00 pm EDT

Samba vulnerabilities were disclosed on April 12, 2016. Samba is used by IBM SmartCloud Provisioning for IBM Software Virtual Appliance. IBM SmartCloud Provisioning for IBM Software Virtual Appliance has addressed the applicable CVEs including the vulnerability commonly referred to as “Badlock”. The vulnerabilities affect all versions of IBM SmartCloud Provisioning 2.1 for IBM Software Virtual ...read more


IBM Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

May 11, 2016 2:00 pm EDT

Multiple vulnerabilities in Libxml2 affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. Please note that product software support discontinuance is approaching as per IBM Withdrawal Announcement 916-016 and fixes will only be available on request. For IBM Withdrawal Announcement details see the CVE(s):CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317 Affected ...read more


IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

May 10, 2016 2:00 pm EDT

Multiple vulnerabilities in OpenSSL affect all releases of IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. This bulletin covers also OpenSSL vulnerabilities that were disclosed on March 1, 2016 by the OpenSSL Project inluding the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption” vulnerability. CVE(s):CVE-2016-0800, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0703, ...read more


IBM Security Bulletin: The vulnerability in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions(CVE-2016-0363 and CVE-2016-0376)

May 9, 2016 2:00 pm EDT

There is vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6.0, 7.0, 8.0 that is used by IBM Tivoli Composite Application Manager for Transactions. These issues were disclosed as part of the IBM Java SDK updates in April 2016. CVE(s):CVE-2016-0363, CVE-2016-0376 Affected product(s) and affected version(s): IBM Tivoli Composite Application Manager (ITCAM) for Transactions ...read more


IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager HSM for Windows (CVE-2016-2542)

May 9, 2016 2:00 pm EDT

InstallShield generates installation executables which are vulnerable to a DLL-planting affecting IBM Tivoli Storage Manager HSM for Windows (IBM Spectrum Protect HSM for Windows) CVE(s):CVE-2016-2542 Affected product(s) and affected version(s): The following levels of IBM Tivoli Storage Manager HSM for Windows (IBM Spectrum Protect HSM for Windows) are affected: 7.1.0.0 through 7.1.4.1 6.4.0.0 through 6.4.3.0 ...read more