IBM Updates
3654Warning Date
Severity Level
Warning Number
Target Sector
29 August, 2019
● High
2019-375
All
Description:
IBM has released security updates to address vulnerabilities in the following products:
- IBM SDK, Java Technology Editions used with WebSphere Application Server Liberty.
- IBM SDK, Java Technology Editions used with IBM WebSphere Application Server Traditional Version 9.0.0.0 through 9.0.5.0, 8.5.0.0 through 8.5.5.15.
- IBM SDK, Java Technology Editions shipped in Application Client for IBM WebSphere Application Server Version 9.0.0.0 through 9.0.5.0, 8.5.0.0 through 8.5.5.15.
- IBM Tivoli Composite Application Manager for SOA v7.2.0 – 7.2.0.1 Interim Fix 14.
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Code injection.
- Escalation of privilege.
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates: