Security Bulletin: IBM CICS TX Advanced is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)
September 22, 2022 | High Severity
WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host Header Injection (CVE-2021-29854)
September 22, 2022 | Medium Severity
IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host header injection. ...read more
Security Bulletin: IBM CICS TX Advanced is vulnerable to information disclosure due to IBM WebSphere Application Server Liberty (CVE-2022-22393)
September 22, 2022 | Low Severity
WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the information disclosure vulnerability CVE-2022-22393 from Liberty. ...read more
Security Bulletin: IBM Common Cryptographic Architecture (CCA) is vulnerable to denial of service (CVE-2022-22423)
September 22, 2022 | Medium Severity
Insufficient input validation in IBM Common Cryptographic Architecture (CCA) may affect Hardware Security Module (HSM) availability. An affected IBM 4767 or IBM 4769 HSM may be forced into a check-stop condition by specially-crafted requests from HSM users. Recovery from a check-stop condition requires manual intervention. ...read more
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908)
September 22, 2022 | High Severity
IBM Security Guardium has fixed these vulnerabilities ...read more
Security Bulletin: IBM CICS TX Advanced is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)
September 22, 2022 | Medium Severity
WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the identity spoofing vulnerability CVE-2022-22476 from Liberty. ...read more
Security Bulletin: IBM CICS TX Standard is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)
September 22, 2022 | High Severity
WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more
Security Bulletin: Apache Shiro (Publicly disclosed vulnerability) Affects IBM Partner Engagement Manager (CVE-2022-32532)
September 22, 2022 | High Severity
IBM Sterling Partner Engagement Manager uses Apache Shiro library 1.9.1, where A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. ...read more
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2022-21496, CVE-2022-21299)
September 22, 2022 | Medium Severity
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVEs. ...read more