High Severity

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple vulnerabilities due to its use of IBM JAVA (CVE-2021-35560, CVE-2021-35578, CVE-2021-35565, CVE-2021-35603)

Share this post:

IBM Java is the runtime environment used by several components in IBM Cloud Pak for Multicloud Management Monitoring and contains several security vulnerabilities.

CVE(s): CVE-2021-35560 , CVE-2021-35578 , CVE-2021-35565 , CVE-2021-35603

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Cloud Pak for Multicloud Management Monitoring 2.0 – 2.3 Fix Pack 4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6604053
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211636
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211641
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211676

More stories

Security Bulletin: CP4D Match 360 is impacted due to vulnerability in IBM WebSphere Application Server Liberty spoofing due to Eclipse Paho (CVE-2019-11777)

October 3, 2022 | High Severity

There is a vulnerability in the Eclipse Paho library used by IBM WebSphere Application Server Liberty with the rtcomm-1.0 or rtcommGateway-1.0 feature enabled. Provided that IBM Match 360 uses WebSphere Liberty Profile, this vulnerability has been addressed in IBM Match 360 v4.5.2 and prior. ...read more


Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

October 3, 2022 | High Severity

A vulnerability in Apache Tomcat affects the product's management GUI. The Command Line Interface is unaffected. ...read more


Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

October 3, 2022 | High Severity

Java is used by IBM Robotic Process Automation for Cloud Pak as part of several container services that run Java applications. ...read more