Security Bulletin
Summary
IBM SmartCloud Cost Management is shipped as a component of IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise. Information about security vulnerabilities affecting IBM SmartCloud Cost Management has been published in a security bulletin.
Vulnerability Details
Consult the security bulletins for IBM SmartCloud Cost Management for vulnerability details and information about fixes.
- Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with SmartCloud Cost Management and Tivoli Usage Accounting Manager (CVE-2015-7450)
- Security Bulletin: A security vulnerability has been found in IBM WebSphere Application Server 8.5.5.6 shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-1927)
- Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management. (CVE-2015-1932)
- Security Bulletin: A security vulnerability has been found in IBM WebSphere Application Server 8.5.5.6 shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-1885)
- Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-4000)
- Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management. (CVE-2015-4938)
- Security Bulletin: Security vulnerabilities have been identified in IBM® DB2® shipped with SmartCloud Cost Management (SCCM/TUAM) (CVE-2013-6747, CVE-2014-0963)
- Security Bulletin: Tivoli Usage and Accounting Manager / SmartCloud Cost Management (CVE-2015-1920)
- Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli usage and Accounting Manager / SmartCloud Cost Management (CVE-2015-2808, CVE-2015-0138 )
Affected Products and Versions
|
Principal Product and Version | Affected Supporting Product and Version |
| IBM Cloud Orchestrator Enterprise 2.5, 2.5.0.1 | IBM SmartCloud Cost Management 2.1.0.5 |
| IBM Cloud Orchestrator Enterprise 2.4 and 2.4.0.1, 2.4.0.2, 2.4.0.3 | IBM SmartCloud Cost Management 2.1.0.4 |
| IBM SmartCloud Orchestrator Enterprise 2.3 and 2.3.0.1 | IBM SmartCloud Cost Management 2.1.0.3 |
Get Notified about Future Security Bulletins
References
Change History
* 08 May 2016: Updated Product version
* 30 April 2015: Original copy published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Internal Use Only
CVE-IDs: CVE-2015-0138, CVE-2015-2808,CVE-2015-1927, CVE-2015-1885,CVE-2015-4000, CVE-2015-4938,
CVE-2015-1932, CVE-2015-0138, CVE-2015-2808, CVE-2015-1920, CVE-2015-7450
DCF Document / currently seems not available on notes DCF / anywhere removed and addressed from the one below
http://www-01.ibm.com/support/docview.wss?uid=swg21700819
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21883102