Medium Severity

Security Bulletin: IBM MQ is vulnerable to multiple issues in IBM® Runtime Environment Java™ Technology Edition, Version 8 and Version 7 (CVE-2021-35578, CVE-2021-35588, CVE-2021-41035)

Share this post:

Multiple issues were identified in IBM® Runtime Environment Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Technology Edition, Version 7 which affect IBM MQ.

CVE(s): CVE-2021-35578 , CVE-2021-35588 , CVE-2021-41035

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM MQ 9.1 LTS
IBM MQ 9.0 LTS
IBM MQ 8.0
IBM MQ 9.2 CD
IBM MQ 9.1 CD
IBM MQ 9.2 LTS

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6540570
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211662
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/212010

More stories

Security Bulletin: Multiple Vulnerabilities in Intel Firmware affect Cloud Pak System

August 13, 2022 | Medium Severity

Vulnerabilities in Intel firmware affect Cloud Pak System. Cloud Pak system nodes using Intel driver firmware recommended update. ...read more


Security Bulletin: A Unspecified Java Vulnerability is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-35550)

August 12, 2022 | Medium Severity

An unspecified vulnerability in Java is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. This vulnerability have been addressed. ...read more


Security Bulletin: CP4D Match 360 is affected by Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty

August 12, 2022 | Medium Severity

IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. IBM Match 360 v4.5.0 and prior, is also vulnerable given that it uses WebSphere Application Server Liberty. ...read more