IBM Endpoint Manager for Security and Compliance Analytics releases SCA Patch 1.5.92

The IBM Endpoint Manager for Security and Compliance Analytics team is pleased to announce the release of a 1.5 patch.

This patch release provides fixes that address the following vulnerabilities:

· CVEID: CVE-2014-0191
· CVEID: CVE-2014-3566
· CVEID: CVE-2014-6585
· CVEID: CVE-2014-6587
· CVEID: CVE-2014-6591
· CVEID: CVE-2014-6593
· CVEID: CVE-2014-8892
· CVEID: CVE-2015-0383
· CVEID: CVE-2015-0400
· CVEID: CVE-2015-0403
· CVEID: CVE-2015-0406
· CVEID: CVE-2015-0407
· CVEID: CVE-2015-0410
· CVEID: CVE-2015-2808
· CVEID: CVE-2014-3566

This patch also provides fixes for 66004: The filters on Check Result are no longer ignored when the state column is selected and the top level criteria is set to 'ANY’.

Following the application of this patch, you must reset jetty.xml if you upgraded SCA from HTTPS protocol. This resolves an issue in generating PDFs introduced by the disabling of SSLv3.
To reset jetty.xml, perform the following steps upon completion of the patch upgrade:

  1. Log in to the SCA web console.
  2. Go to Management > Server Settings.
  3. Click Save to ensure that jetty.xml gets updated.
  4. Click Restart Service to apply the change.

If jetty.xml is reset before the upgrade, the changes made on jetty.xml will not apply any fixes.

Published site
SCM Reporting site, version 80.
(Site versions included for air-gap customers)

Download and Installation instructions:
To download IBM Endpoint Manager Analytics, perform the following steps:

  1. In the IBM Endpoint Manager console, add the SCM Reporting masthead.
  2. In the Security Configuration domain in the console, open the Configuration Management navigation tree.

For first time installations:
3. Click the Security and Compliance Analytics dashboard.
4. From the list of supported endpoints, select the target server and click Deploy Installer. An action opens that downloads the SCA software into a Tivoli Endpoint Manager Analytics folder inside the client folder on that server. For example, c:\Program Files\BigFix Enterprise\BES Installers\TEMA).
Note: If you are using the x86 version of a Windows operating system, the path to the install location will be c:\Program Files (x86)\BigFix Enterprise\BES Installers\TEMA.

For upgrading an existing installation:
3. Under the Upgrade menu tree node, select the Fixlet named TEM SCA Upgrade ().
4. Follow the Fixlet instructions and take the associated action to upgrade your TEM SCA deployment.

Other links:
Historical release information for SCA 1.5 can be found at:!/wiki/Tivoli%20Endpoint%20Manager/page/SCA%20Release%20Notes
Contact IBM Endpoint Manager Technical Support if you have any questions regarding this release.

We hope you find this latest release of SCA useful and effective. Thank you!

Security and Compliance Analytics team
IBM Endpoint Manager

Are these vulnerabilities only applicable to version 1.5 or are they present in earlier versions as well?

For the most part they are due to vulnerabilities present in dependencies (such as Java), so they would affect previous versions as well.

Thanks. Just needed the justification for my business owner.