Low Severity

Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL

Share this post:

The vulnerability in CVE-2020-1968, CVE-2020-1971, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841 have been addressed in the latest interim Fix (iFix) available on Fix Central for all 3 affected versions.

CVE(s): CVE-2020-1968

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
InfoSphere Master Data Management 11.5, 11.6, 12.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6507573
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/187977

More stories

Security Bulletin: Apache Commons FileUpload vulnerability affects IBM Tivoli Business Service Manager (CVE-2013-0248)

Dec 1, 2021 7:02 pm EST | Low Severity

Apache Commons FileUpload is shipped as part of IBM Tivoli Business Manager 6.2.0. Information about security vulnerabilities affecting Apache Commons FileUpload has been published in a security bulletin. ...read more


Security Bulletin: CVE-2021-2341 may affect IBM® SDK, Java™ Technology Edition

Nov 30, 2021 7:04 pm EST | Low Severity

CVE-2021-2341 was disclosed as part of the Oracle July 2021 Critical Patch Update. ...read more


Security Bulletin: Vulnerability in Apache Log4j may affect Cúram Social Program Management (CVE-2020-9488)

Nov 25, 2021 7:01 pm EST | Low Severity

IBM Cúram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. ...read more