Critical Severity

Security Bulletin: De-serialization Vulnerability Affects IBM Partner Engagement Manager (CVE-2021-29781)

Share this post:

IBM Sterling Partner Engagement Manager could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE(s): CVE-2021-29781

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Partner Engagement Manager 2.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6476668
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203091

More stories

Security Bulletin: OpenSSL for IBM i is affected by CVE-2021-3711 and CVE-2021-3712

Sep 24, 2021 8:00 pm EDT | Critical Severity

OpenSSL is provided as an API available to application developers on IBM i. The OpenSSL APIs on IBM i are vulnerable to the issues described in the vulnerability details section. The applicability of each vulnerability is determined by an application's specific use of OpenSSL. IBM i has addressed the vulnerability for applications by addressing the CVEs in the OpenSSL API implementation. ...read more


Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Sept. 2021 V1)

Sep 22, 2021 8:03 pm EDT | Critical Severity

Multiple vulnerabilities affect IBM Cloud Object Storage Systems. These vulnerabilities have been addressed in the latest ClevOS releases. ...read more


Security Bulletin: Multiple vulnerabilities in VMware affect IBM Cloud Pak System

Sep 22, 2021 8:01 pm EDT | Critical Severity

Multiple vulnerabilities have been identified in VMware, a supporting product shipped with IBM Cloud Pak System. Vulnerabilities in VMware vSphere Client (HTML5) for VMware vCenter plugins in vRealize Operations Environment, not used in Cloud Pak Systems, but for VMware vulnerabile vCenter endpoints exist. The recommendation is to apply workaround. Refer to the corresponding sections below for details. ...read more