GTM-MQNC2Z4
Skip to main content
  1. Home >
  2. Support >
  3. Products >
  4. Software >
  5. Security >
  6. Fujitsu Patch & TA Information >
  7. This page provides Security Information.

Systemwalker Centric Manager Open Monitoring: SQL injection vulnerabilities (CVE-2016-10134). May 22nd, 2017


Notes on using this web page

1. Description

In the Zabbix bundled Systemwalker Centric Manager Open Monitoring, new SQL injection vulnerabilities(CVE-2016-10134) have been confirmed.

Fujitsu provides security patches shown in 3.
Please apply them as soon as possible.

2. Impact

For the Zabbix bundled with Systemwalker Centric Manager Open Monitoring, an SQL command may be executed.

For a severity assessment of this vulnerability, see CVE information in "4. Related information".

3. Affected systems and corresponding action

3-1. Affected systems:

PRIMERGY, PRIMEQUEST

3-2. Affected products and required patch

Products Version Target OS Package name Patch ID.
Systemwalker Centric Manager Open Monitoring V15.1.0 RHEL5(x86) FJSVzbx T011016LP-02
Systemwalker Centric Manager Open Monitoring V15.1.0 RHEL5(Intel64) FJSVzbx T011017LP-02
Systemwalker Centric Manager Open Monitoring V15.1.0 RHEL6(x86) FJSVzbx T011018LP-02
Systemwalker Centric Manager Open Monitoring V15.1.0 RHEL6(Intel64)/ 7(Intel64) FJSVzbx T011019LP-02
Systemwalker Centric Manager Open Monitoring V15.1.1 RHEL5(x86) FJSVzbx T013819LP-01
Systemwalker Centric Manager Open Monitoring V15.1.1 RHEL5(Intel64) FJSVzbx T013820LP-01
Systemwalker Centric Manager Open Monitoring V15.1.1 RHEL6(x86) FJSVzbx T013821LP-01
Systemwalker Centric Manager Open Monitoring V15.1.1 RHEL6(Intel64)/ 7(Intel64) FJSVzbx T013822LP-01
Systemwalker Centric Manager Open Monitoring V15.2.0 RHEL5(x86) FJSVzbx T013819LP-01
Systemwalker Centric Manager Open Monitoring V15.2.0 RHEL5(Intel64) FJSVzbx T013820LP-01
Systemwalker Centric Manager Open Monitoring V15.2.0 RHEL6(x86) FJSVzbx T013821LP-01
Systemwalker Centric Manager Open Monitoring V15.2.0 RHEL6(Intel64)/ 7(Intel64) FJSVzbx T013822LP-01

Note: Determining the affected product

Execute the following command in the console window: #/opt/FJSVftlz/bin/swpkginfo

3-3. Workaround

None.

4. Related information

5. Revision history

  • May 22nd, 2017: Initial release