IBM Product Security Incident Response


Archive

Security Bulletin: Vulnerability in Apache Solr affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Jan 14, 2021 7:00 pm EST | Critical Severity

There is a missing authorization vulnerability in the Apache Solr service that is distributed as part of Watson Knowledge Catalog for IBM Cloud Pak for Data. The issue is now addressed. ...read more


Security Bulletin: Malicious file upload and download could affect Watson Knowledge Catalog for IBM Cloud Pak for Data

Jan 14, 2021 7:00 pm EST | Medium Severity

Watson Knowledge Catalog for IBM Cloud Pak for Data was vulnerable to malicious file uploads and downloads. The issue is now addressed. ...read more


Security Bulletin: Multiple Vulnerabilities in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Jan 14, 2021 7:00 pm EST | Low Severity

Vulnerabilities in Java are affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed. ...read more


Security Bulletin: Cross Site Scripting vulnerability in Google Web Toolkit may affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2012-5920

Jan 14, 2021 7:00 pm EST | Medium Severity

IBM Business Process Manager and IBM Business Automation Workflow may be vulnerable to a cross site scripting attack. ...read more


Security Bulletin: Security Vulnerabilities in GNU glibc affect IBM Cloud Pak for Data – GNU glibc (CVE-2020-1751)

Jan 13, 2021 7:02 pm EST | High Severity

Security Vulnerabilities in GNU glibc affect IBM Cloud Pak for Data - GNU glibc (CVE-2020-1751) ...read more


Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

Jan 13, 2021 7:02 pm EST | Medium Severity

IBM Security Privileged Identity Manager has addressed an issue for NTP as follows. ...read more


Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2015-9381, CVE-2015-9382)

Jan 13, 2021 7:02 pm EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerabilities. The vulnerabilities concerns Freetype: a remote attacker could obtain sensitive information or cause a denial of service. ...read more


Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

Jan 13, 2021 7:02 pm EST | High Severity

IBM Security Privileged Identity Manager has addressed an issue for NTP as follows. ...read more