Medium Severity

Security Bulletin: Host header injection vulnerability in Business Automation Studio in Cloud Pak for Automation (CVE-2021-29872)

Share this post:

Business Automation Studio in IBM Cloud Pak for Automation is vulnerable to a host header injection attack.

CVE(s): CVE-2021-29872

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Cloud Pak for Automation

21.0.1 before IF007
21.0.2 before IF007

Note that 21.0.3 is not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6541294
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206228

More stories

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 (8.0.7.5). ...read more



Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 (8.0.7.5). ...read more