High Severity

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to Denial of Service via CVE-2021-33198

Share this post:

IBM App Connect Enterprise Certified Container may be vulnerable to Denial of Service via CVE-2021-33198. This affects the Operator itself and the ACE server image

CVE(s): CVE-2021-33198

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
App Connect Enterprise Certified Container 1.0 with Operator
App Connect Enterprise Certified Container 1.1 with Operator
App Connect Enterprise Certified Container 1.2 with Operator
App Connect Enterprise Certified Container 1.3 with Operator
App Connect Enterprise Certified Container 1.4 with Operator
App Connect Enterprise Certified Container 1.5 with Operator

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6488893
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206604

More stories

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

September 22, 2022 | High Severity

There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. ...read more


Security Bulletin: A spoofing vulnerablity due to an exposure in Eclipse Paho used by IBM WebSphere Application Server Liberty affects TXSeries for Multiplatforms

September 22, 2022 | High Severity

TXSeries for Multiplatforms has addressed the following identity spoofing vulnerability in Eclipse Paho reported by IBM® WebSphere Application Server Liberty ...read more


Security Bulletin: IBM CICS TX Advanced is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)

September 22, 2022 | High Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more