IBM Support

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server embedded in IBM Tivoli Monitoring used by IBM Tivoli Monitoring for Tivoli Storage Manager

Security Bulletin


Summary

IBM HTTP Server is a component of IBM Tivoli Monitoring shipped as a component of IBM Tivoli Monitoring for Tivoli Storage Manager. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin for vulnerability details and information about fixes.
http://www-01.ibm.com/support/docview.wss?uid=swg21997156

Also you may want to consider subscribing to ITM security bulletin notifications for future bulletins:
https://www-947.ibm.com/systems/support/myview/subscription/css.wss

NOTE: IBM Tivoli Monitoring for Tivoli Storage Manager version 7.1 bundles IBM Tivoli Monitoring 6.3 FP2.

Affected Products and Versions

Principal Product and Version(s) IBM Tivoli Monitoring version bundled with Reporting.
IBM Tivoli Monitoring for Tivoli Storage Manager version 7.1 (Reporting) IBM Tivoli Monitoring 6.3 FP2

Note IBM Tivoli Monitoring 6.3.0 through 6.3.0 FP6 is affected.

Get Notified about Future Security Bulletins

References

Complete CVSS v2 Guide
On-line Calculator v2

Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

19 January 2017: Original Version Published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document information

More support for: Tivoli Storage Manager
Server

Software version: All Supported Versions

Operating system(s): AIX, Linux, Windows

Software edition: All Editions

Reference #: 1975215

Modified date: 19 January 2017


Translate this page: