Medium Severity
Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Scale (CVE-2021-39038)
May 2, 2022
Categorized: Medium Severity
Share this post:
There is a vulnerability in IBM WebSphere Application Server Liberty, used by IBM Spectrum Scale, which could allow a remote attacker to hijack the victim’s click actions and possibly launch further attacks against the victim.
CVE(s): CVE-2021-39038
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Scale | 5.0.0 – 5.0.5.13 |
| IBM Spectrum Scale | 5.1.0 – 5.1.3 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6579141
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/213968
Security Bulletin: IBM Workload Scheduler is vulnerable to arbitrary file creation vulnerability due to CVE-2022-22369 affecting JLOG component
August 8, 2022 | Medium Severity
The Jlog component on the Master Domain Manager of IBM Workload Scheduler permits an unauthenticated user to interact with the system making it possible to modify the way the service works or modify system files. ...read more
Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to Identity Spoofing (CVE-2022-22476)
August 8, 2022 | Medium Severity
Liberty for Java for IBM Cloud is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. ...read more
Security Bulletin: Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, that is used by IBM Workload Scheduler.
August 8, 2022 | Medium Severity
Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, that is used by IBM Workload Scheduler. This issue was disclosed as part of the Oracle October 2021 Critical Patch Update. ...read more