Medium Severity

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to jzsip (CVE-2021-23413)

Share this post:

IBM Cloud Pak for Integration is vulnerable to jzsip CVE-2021-23413 with details below

CVE(s): CVE-2021-23413

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Asset Repository in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6501845
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206307

More stories

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Netcool Agile Service Manager

Nov 25, 2021 7:00 pm EST | Medium Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Netcool Agile Service Manager. IBM Netcool Agile Service Manager has addressed the applicable CVEs. ...read more


Security Bulletin: Vulnerability in Dojo may affect IBM Cúram Social Program Management (CVE-2018-15494)

Nov 25, 2021 7:00 pm EST | Medium Severity

IBM Cúram Social Program Management uses the Dojo libraries, for which there is a publicly known vulnerability. Dojo Toolkit is vulnerable to cross-site scripting attack, caused by improper validation of user-supplied input by the DataGrid component. ...read more


Security Bulletin: Vulnerability in Apache Santuario XML Security for Java may affect Cúram Social Program Management (CVE-2021-40690)

Nov 25, 2021 7:00 pm EST | Medium Severity

IBM Cúram Social Program Management uses the Apache Santuario XML Security for Java libraries, for which there is a publicly known vulnerability. For this vulnerability Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the "secureValidation" property when creating a KeyInfo from a KeyInfoReference element. ...read more