Security Bulletin: IBM CICS TX Advanced is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)

September 22, 2022 | High Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more


Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host Header Injection (CVE-2021-29854)

September 22, 2022 | Medium Severity

IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host header injection. ...read more


Security Bulletin: IBM CICS TX Advanced is vulnerable to information disclosure due to IBM WebSphere Application Server Liberty (CVE-2022-22393)

September 22, 2022 | Low Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the information disclosure vulnerability CVE-2022-22393 from Liberty. ...read more


Security Bulletin: IBM Common Cryptographic Architecture (CCA) is vulnerable to denial of service (CVE-2022-22423)

September 22, 2022 | Medium Severity

Insufficient input validation in IBM Common Cryptographic Architecture (CCA) may affect Hardware Security Module (HSM) availability. An affected IBM 4767 or IBM 4769 HSM may be forced into a check-stop condition by specially-crafted requests from HSM users. Recovery from a check-stop condition requires manual intervention. ...read more



Security Bulletin: IBM CICS TX Advanced is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)

September 22, 2022 | Medium Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the identity spoofing vulnerability CVE-2022-22476 from Liberty. ...read more


Security Bulletin: IBM CICS TX Standard is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)

September 22, 2022 | High Severity

WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more


Security Bulletin: Apache Shiro (Publicly disclosed vulnerability) Affects IBM Partner Engagement Manager (CVE-2022-32532)

September 22, 2022 | High Severity

IBM Sterling Partner Engagement Manager uses Apache Shiro library 1.9.1, where A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2022-21496, CVE-2022-21299)

September 22, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVEs. ...read more