Medium Severity

Security Bulletin: A vulnerability in IBM Java Runtime affect IBM Spectrum Conductor and IBM Spectrum Conductor with Spark

Share this post:

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3.0, and IBM Spectrum Conductor with Spark 2.2.1. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1 have addressed the applicable CVE.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Conductor with Spark 2.2.1
IBM Spectrum Conductor 2.4
IBM Spectrum Conductor 2.4.1
IBM Spectrum Conductor 2.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6336803

More stories

Security Bulletin: IBM Cloud Pak for Security is vulnerable to CVE-2021-20538 and CVE-2021-20577

May 7, 2021 8:00 pm EDT | Medium Severity

IBM Cloud Pak for Security versions 1.5.0.1 and earlier is vulnerable to the following CVEs: CVE-2021-20538, meaning that sensitive information can be obtained by the user without sufficient authorisation. CVE-2021-20577, allowing cross side scripting that can potentially lead to credentials disclosure. These are addressed in CP4S 1.6.0.0 and later versions ...read more


Security Bulletin: A security vulnerability in Node.js urijs module affects IBM Cloud Pak for Multicloud Management Infrastructure management.

May 7, 2021 8:00 pm EDT | Medium Severity

A security vulnerability in Node.js urijs module affects IBM Cloud Pak for Multicloud Management Infrastructure management. ...read more


Security Bulletin: IBM Control Desk is vulnerable to Cross-Site Scripting Vulnerability (CVE-2021-20559)

May 7, 2021 8:00 pm EDT | Medium Severity

IBM Control Desk is vulnerable to Cross-Site Scripting Vulnerability ...read more