IBM Support

JR57474: MULTIPLE VULNERABILITIES EXIST IN IBM SDK FOR JAVA SHIPPED WITH IBM PROCESS DESIGNER

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • There are multiple vulnerabilities (CVEs) in IBM SDK Java
    Technology Edition, which is used in IBM Process Designer for
    IBM Business Process Manager (BPM).
    
    PRODUCTS AFFECTED
    IBM BPM Advanced
    IBM BPM Standard
    IBM BPM Express
    

Local fix

Problem summary

  • No additional information is available.
    

Problem conclusion

  • A fix is available for the latest fix pack of all supported
    releases of IBM BPM. This fix resolves the IBM SDK for JAVA CPU
    January 2017 issues.
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR57474

  • Reported component name

    BPM ADVANCED

  • Reported component ID

    5725C9400

  • Reported release

    857

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-03-01

  • Closed date

    2017-03-24

  • Last modified date

    2017-03-24

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    BPM ADVANCED

  • Fixed component ID

    5725C9400

Applicable component levels

  • R751 PSY

       UP

  • R801 PSY

       UP

  • R850 PSY

       UP

  • R855 PSY

       UP

  • R856 PSY

       UP

  • R857 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"857","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
24 March 2017