High Severity

Security Bulletin: IBM DataPower Gateway Operand affected by vulnerabilities in Go (CVE-2021-44716, CVE-2021-44717)

Share this post:

Ibm DataPower Gateway, when deployed by DataPower Operator on Kubernetes & OpenShift, is subject to a potential denial of service. IBM has addressed the relevant CVEs

CVE(s): CVE-2021-44717, CVE-2021-44716

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM DataPower Gateway V10.0.4 10.0.2.0-10.0.4.0
IBM DataPower Gateway 10.0.1 10.0.1.0-10.0.1.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6589179
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216563
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216553

More stories

Security Bulletin: Denial of Service vulnerability in OpenSSL may affect IBM Spectrum Protect Backup-Archive Client (CVE-2022-0778)

June 29, 2022 | High Severity

OpenSSL vulnerabilities were disclosed on March 15, 2022 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect Backup-Archive Client for network connections with NetApp services, has addressed the applicable CVE. ...read more


Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus

June 29, 2022 | High Severity

There are multiple vulnerabilities in the Linux Kernel that affect IBM Spectrum Protect Plus. These vulnerabilities include elevation of privileges, obtaining sensitive information, denial of service, execution of arbitrary code on the system, bypassing security restrictions, and buffer overflow. ...read more


Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to various attacks due to its use of redis (CVE-2021-32675, CVE-2021-32626, CVE-2021-32672)

June 29, 2022 | High Severity

Redis is used by several components in IBM Cloud Pak for Multicloud Management Monitoring as an in-memory shared cache database. It is not exposed outside the cluster. ...read more