IBM Support

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ s

Created by Sunil Gajula on
Published URL:
https://www.ibm.com/support/pages/node/262735
262735

Security Bulletin


Summary

IBM WebSphere Application Server, IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ are shipped as components of IBM Predictive Maintenance and Quality. Information about a security vulnerability affecting IBM WebSphere Application Server, IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ has been published their respective security bulletins.

Vulnerability Details

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808) for vulnerability details and information about fixes.

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server (CVE-2015-2808) for vulnerability details and information about fixes.


Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects IBM DB2 (CVE-2015-2808) for vulnerability details and information about fixes.

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects IBM SPSS Modeler (CVE-2015-2808) for vulnerability details and information about fixes.

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Cognos Business Intelligence Server (CVE-2015-2808) for vulnerability details and information about fixes.

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher in IBM SDK Java Technology Edition, Versions 1.6 and 1.7 affects IBM SPSS Collaboration and Deployment Services (CVE-2015-2808) for vulnerability details and information about fixes.

Please consult the Security Bulletin: Vulnerability in RC4 stream cipher affects IBM WebSphere MQ (CVE-2015-2808) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

Affected Supporting Product and Version
IBM Predictive Maintenance and Quality 1.0







IBM Predictive Maintenance and Quality 2.0






IBM Predictive Maintenance and Quality 2.5
IBM WebSphere Application Server v8.0
IBM HTTP Server v8.0
IBM DB2 Enterprise Server Edition 9.7.0.7
IBM SPSS Modeler Server 15.0
IBM Cognos Business Intelligence Server 10.2
IBM SPSS Collaboration and Deployment Services 5.0
IBM WebSphere MQ 7.5

IBM WebSphere Application Server v8.5.5
IBM HTTP Server v8.0
IBM DB2 Enterprise Server Edition 10.1.0.3
IBM SPSS Modeler Server 16.0
IBM Cognos Business Intelligence Server 10.2.1
IBM SPSS Collaboration and Deployment Services 6.0
IBM WebSphere MQ 7.5.0.2

IBM WebSphere Application Server v8.5.5.3
IBM HTTP Server v8.5.5.3
IBM DB2 Enterprise Server Edition 10.5.0.4
IBM SPSS Modeler Server 16.0.0.1
IBM Cognos Business Intelligence Server 10.2.2
IBM SPSS Collaboration and Deployment Services 6.0.0.1
IBM WebSphere MQ 7.5.0.4

Get Notified about Future Security Bulletins

References

Off

Change History

May 5, 2015: Original Version Published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SSTNNL","label":"Predictive Maintenance and Quality"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"}],"Version":"2.5;2.0;1.0","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

Modified date:
15 June 2018

UID

swg21883638