High Severity
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to various attacks due to its use of redis (CVE-2021-32675, CVE-2021-32626, CVE-2021-32672)
June 29, 2022
Categorized: High Severity
Share this post:
Redis is used by several components in IBM Cloud Pak for Multicloud Management Monitoring as an in-memory shared cache database. It is not exposed outside the cluster.
CVE(s): CVE-2021-32672, CVE-2021-32626, CVE-2021-32675
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Cloud Pak for Multicloud Management Monitoring | 2.0 – 2.3 Fix Pack 4 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6599643
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/210726
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/210723
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/210727
Security Bulletin: Vulnerabilities in vCenter affect IBM Cloud Pak System (CVE-2021-21980, CVE-2021-22049 )
August 13, 2022 | High Severity
Vulnerabilities have beein found in VMware vCenter. vCenter is shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. ...read more
Security Bulletin: Vulnerability in polkit affects Cloud Pak System ( CVE-2021-4034)
August 13, 2022 | High Severity
Polkit is used by IBM Cloud System OS. This security bulletin service applies to IBM Cloud System , IBM Cloud System Software and IBM Cloud System Software Suite. ...read more
Security Bulletin: Vulnerability in IBM SAN Volume Controller, IBM Storwize, and IBM FlashSystem shipped with Cloud Pak System
August 13, 2022 | High Severity
Vulnerability found in IBM SAN Volume Controller, IBM Storwize, and IBM FlashSystem shipped with Cloud Pak System. Cloud Pak System has addressed this vulnerability. ...read more