Critical Severity

Security Bulletin: IBM QRadar Azure marketplace images include Open Management Infrastructure RPM, which is vulnerable to Remote Code Execution (CVE-2021-38647)

Share this post:

IBM QRadar Azure marketplace images include the Open Management Infrastructure RPM which is vulnerable to CVE-2021-38647. Although we do not expose the affected port, we suggest updating out of an abundance of caution.

CVE(s): CVE-2021-38647

Affected product(s) and affected version(s):

IBM QRadar Azure marketplace images 7.3.0 to 7.3.3 Patch 9

IBM QRadar Azure marketplace images 7.4.0 to 7.4.3 Patch 2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin:
X-Force Database:

More stories

Security Bulletin: Vulnerabilities affect Watson Explorer Foundational Components (CVE-2021-3712, CVE-2021-3711)

Oct 22, 2021 8:03 pm EDT | Critical Severity

A critical OpenSSL buffer overflow vulnerability and possible denial of service affect IBM Watson Explorer Foundational Components. IBM Watson Explorer Foundational Components has addressed the vulnerabilities by updating the version of OpenSSL. more

Security Bulletin: IBM QRadar Advisor With Watson uses components with known vulnerabilities (CVE-2020-36242, CVE-2021-33503, CVE-2020-28493)

Oct 20, 2021 8:02 pm EDT | Critical Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. This update addresses these vulnerabilities. more

Security Bulletin: Multiple Vulnerabilities in VMware vCenter affect IBM Cloud Pak System

Oct 20, 2021 8:00 pm EDT | Critical Severity

Multiple vulnerabilities in VMware vCenter plugins affect IBM Cloud Pak System. IBM Cloud Pak System  in response to the vulnerabilities in VMware vCenter, provides the new release of IBM Cloud Pak System V2.3.3.4, with a new vCenter Image. more