Medium Severity

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2021-20227)

Share this post:

This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

CVE(s): CVE-2021-20227

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.2
IBM Cloud Application Performance Management – Response Time Monitoring Agent 8.1.4
IBM Performance Management – Response Time Monitoring Agent 8.1.3
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6477350
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198960

More stories

Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).

Sep 17, 2021 8:01 pm EDT | Medium Severity

IBM Aspera Webapps are vulnerable to cross-site scripting. See vulnerability details for more information. ...read more


Security Bulletin: IBM SDK, Java Tech Edition Quarterly CPU – Apr 2021 + Oracle Apr 2021; Jul 2021 + Oracle 2021 CPU

Sep 17, 2021 8:01 pm EDT | Medium Severity

This Security Bulletin provides steps for updating Java for Db2 Query Management Facility QMF Workstation and QMF Vision. ...read more


Security Bulletin: ISC DHCP for IBM i is affected by CVE-2021-25217

Sep 17, 2021 8:01 pm EDT | Medium Severity

ISC DHCP on IBM i is vulnerable to the issue described in the vulnerability details section. IBM i has addressed the vulnerability in the ISC DHCP implementation. ...read more