IT Service Management

IBM Security Bulletin: Vulnerabilities in GSKit affect Tivoli Workload Scheduler (CVE-2015-7421, CVE-2015-7420)

May 9, 2016

Vulnerabilities were discovered in GSKit. Tivoli Workload Scheduler uses GSKit and addressed the applicable CVE. CVE(s):CVE-2015-7421, CVE-2015-7420 Affected product(s) and affected version(s): Tivoli Workload Scheduler Distributed 8.6.0 FP03 and earlier Tivoli Workload Scheduler Distributed 9.1.0 FP02 and earlier Tivoli Workload Scheduler Distributed 9.2.0 FP02 and earlier Tivoli Workload Scheduler Distributed 9.3.0 FP01 and earlier Refer ...read more


IBM Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) February 2016

May 6, 2016

This update lists vulnerabilities to Open Source Apache Tomcat reported by The Apache Software Foundation on 22 February 2016. CVE(s):CVE-2016-0763, CVE-2015-5345 , CVE-2015-5346, CVE-2015-5351 , CVE-2016-0706 , CVE-2016-0714, CVE-2015-5174 Affected product(s) and affected version(s): TADDM 7.2.0.0 – 7.2.0.10 TADDM 7.2.1.0 – 7.2.1.6 TADDM 7.2.2.0 – 7.2.2.5 TADDM 7.3.0.0 (TADDM 7.3.0.1-3 – not affected – using ...read more


IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (CVE-2016-2542)

May 6, 2016

InstallShield generates installation executables which are vulnerable to a DLL-planting affecting the IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (IBM Spectrum Protect for Databases) on Windows platforms. CVE(s):CVE-2016-2542 Affected product(s) and affected version(s): The following levels of IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (IBM ...read more


IBM Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage FlashCopy Manager on Windows (CVE-2016-2542)

May 6, 2016

InstallShield generates installation executables which are vulnerable to a DLL-planting affecting IBM Tivoli Storage FlashCopy Manager on Windows (IBM Spectrum Protect Snapshot). CVE(s):CVE-2016-2542 Affected product(s) and affected version(s): The following levels of IBM Tivoli Storage FlashCopy Manager on Windows (IBM Spectrum Protect) are affected: 4.1.0.0 through 4.1.4.1 3.2.0.0 through 3.2.1.8 3.1.0.0 through 3.1.1.5 2.2 all ...read more


IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager IP Edition

May 4, 2016

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.1.10 that is used by IBM Tivoli Network Manager IP Edition 4.2. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and they include the vulnerability commonly referred to as “SLOTH”. CVE(s):CVE-2016-0483, CVE-2015-8472, CVE-2016-0494, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, ...read more


IBM Security Bulletin: DB2 local escalation of privilege vulnerability affects IBM Tivoli Storage Manager server (CVE-2015-1947)

May 4, 2016

IBM Tivoli Storage Manager (IBM Spectrum Protect) server is affected by an IBM DB2 software vulnerability that can result in a local user gaining root level access to which the user is not entitled. CVE(s):CVE-2015-1947 Affected product(s) and affected version(s): This vulnerability affects the following IBM Tivoli Storage Manager (IBM Spectrum Protect) server levels: 7.1.0.0 ...read more


IBM Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

May 3, 2016

Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning V2.1 for IBM Software Virtual Appliance. Please note that product software support discontinuance is approaching as per IBM Withdrawal Announcement 916-016 and fixes will only be available on request. For IBM Withdrawal Announcement details see the CVE(s):CVE-2015-5279, CVE-2015-4037, CVE-2015-5239, CVE-2015-5278, CVE-2015-6855 Affected product(s) and affected version(s): All ...read more


IBM Security Bulletin: Multiple vulnerabilities in Network Time Protocol affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance

May 3, 2016

Multiple vulnerabilities in Network Time Protocol (NTP) affect IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance. Please note that product software support discontinuance is approaching as per IBM Withdrawal Announcement 916-016 and fixes will only be available on request. For IBM Withdrawal Announcement details see the CVE(s):CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405 Affected product(s) and ...read more


IBM Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Workload Scheduler Application (CVE-2015-3196)

May 2, 2016

OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by Tivoli Workload Scheduler Application has addressed the applicable CVEs CVE(s):CVE-2015-3196 Affected product(s) and affected version(s): Tivoli Workload Scheduler for Applications, the programs that are installed in <TWS home>/methods TWS and TWS4APPS is a back office application that usually runs ...read more