Medium Severity

Security Bulletin: IBM i is vulnerable to bypass security restrictions due to Samba SMB1 (CVE-2021-43566 and CVE-2021-44141)

March 2, 2022

Categorized: Medium Severity

Share this post:

Samba is available on IBM i to provide file system access. Samba is vulnerable to the issues described in the vulnerability details section. IBM i has addressed the applicable CVEs in the Samba implementation by providing a fix.

CVE(s): CVE-2021-43566, CVE-2021-44141

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM i 7.4
IBM i 7.3

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6560396
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217058
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218468


Previous Post

Security Bulletin: Multiple vulnerabilities may affect IBM Robotic Process Automation

Next Post

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM Dojo (CVE-2021-234550), Java SE (CVE-2021-35578), IBM WebSphere Application Server - Liberty (CVE-2021-39031), Apache Log4j (CVE-2021-44832) and Gson (217225)
More stories

Security Bulletin: IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is affected by vulnerability in Netty (CVE-2022-24823)

June 29, 2022 | Medium Severity

Netty (CVE-2022-24823) is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library as part of the webhook integration. The latest patch includes Netty 4.1.77.Final to fix the vulnerability. ...read more

Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments (CVE-2021-35550, CVE-2021-35603)

June 29, 2022 | Medium Severity

Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2021. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments and may be affected by the below vulnerabilities (CVEs). ...read more

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2021-39038)

June 29, 2022 | Medium Severity

IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. ...read more