VULNERABILITIES / FIXES - September 17, 2013
by Carol~ - 9/17/13 7:16 AM
IBM Tivoli Composite Application Manager for Transactions Java Multiple Vulnerabilities
Release Date : 2013-09-17
Criticality level : Highly critical
Impact : Security Bypass
Manipulation of data
Exposure of sensitive information
Where : From remote
Solution Status: Vendor Patch
Software: IBM Tivoli Composite Application Manager for Transactions 7.x
IBM has acknowledged multiple vulnerabilities in IBM Tivoli Composite Application Manager for Transactions, which can be exploited by malicious, local users to disclose certain sensitive information, manipulate certain data, and gain escalated privileges and by malicious people to conduct spoofing attacks, disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
The vulnerabilities are caused due to a bundled vulnerable version of Java.
The vulnerabilities are reported in the versions 7.1.x.x, 7.2.x.x, and 7.3.x.x.