Medium Severity

Security Bulletin: An Apache Commons Compress vulnerability has been identified with the embedded IBM FileNet P8 Content Platform Engine component in IBM Business Process Manager and IBM Business Automation Workflow

Share this post:

An Apache Commons Compress vulnerability has been identified with the embeded IBM FileNet P8 Content Platform Engine component, specifically with the Administration Console for Content Platform Engine application, in IBM Business Process Manager and IBM Business Automation Workflow.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Business Process Manager 8.5.7
IBM Business Automation Workflow 18.0.0.0
IBM Business Automation Workflow 18.0.0.1

Note: CVE 2019-12402, which is specifically for an IBM Administration Console for Content Platform Engine that is part of the embedded Content Platform Engine, does not affect Business Automation Workflow V18.0.0.2 or later versions.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1283920

More stories

Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7

Apr 8, 2020 8:01 pm EDT | Medium Severity

Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7. CVE-2019-9948 and CVE-2019-9947 are fixed in RHEL7 as part of Errata RHSA-2019:2030 (https://access.redhat.com/errata/RHSA-2019:2030). This update is included in Resilient 34.1.53, released on September 17, 2019, and subsequent versions. ...read more


Security Bulletin: IBM Resilient OnPrem does not properly limit the number or frequency of pssword reset interactions

Apr 8, 2020 8:00 pm EDT | Medium Severity

IBM Resilient OnPrem does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests for password reset ...read more


Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability in IBM® Runtime Environment Java™ Version 8

Apr 8, 2020 8:00 pm EDT | Medium Severity

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Scale Transparent Cloud Tiering. The IBM Spectrum Scale Transparent Cloud Tiering have addressed the applicable CVE. ...read more