Medium Severity

Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141)

Share this post:

Samba is available on IBM i to provide file system access. Samba is vulnerable to the issues described in the vulnerability details section. IBM i has addressed the applicable CVEs in the Samba implementation by providing a fix.

CVE(s): CVE-2021-43566, CVE-2021-44141

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM i 7.4
IBM i 7.3

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6560396
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217058
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218468

More stories

Security Bulletin: IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is affected by vulnerability in Netty (CVE-2022-24823)

June 29, 2022 | Medium Severity

Netty (CVE-2022-24823) is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library as part of the webhook integration. The latest patch includes Netty 4.1.77.Final to fix the vulnerability. ...read more


Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments (CVE-2021-35550, CVE-2021-35603)

June 29, 2022 | Medium Severity

Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2021. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments and may be affected by the below vulnerabilities (CVEs). ...read more


Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2021-39038)

June 29, 2022 | Medium Severity

IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. ...read more