High Severity
Security Bulletin: HAProxy vulnerability CVE-2019-18277 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
Dec 10, 2020 7:01 pm EST
Categorized: High Severity
Share this post:
HAProxy vulnerability CVE-2019-18277 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer Endpoint V4.0.0.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Aspera High-Speed Transfer Server | 3.9.6.2 and earlier |
| IBM Aspera High-Speed Transfer Endpoint | 3.9.6.2 and earlier |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6380900
Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony
Mar 5, 2021 7:00 pm EST | High Severity
Vulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central. ...read more
Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704
Mar 5, 2021 7:00 pm EST | High Severity
The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more
Security Bulletin: Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass (CVE-2020-7692)
Mar 4, 2021 7:00 pm EST | High Severity
Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass, caused by no PKCE support implemented. ...read more