Medium Severity

Security Bulletin: IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager (TADDM) and is vulnerable to a denial of service (CVE-2021-35561, CVE-2022-21443, CVE-2022-21434,CVE-2022-21496,CVE-2022-21299).

July 6, 2022

Share this post:

IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager (TADDM) and is vulnerable to a denial of service (CVE-2021-35561, CVE-2022-21443, CVE-2022-21434,CVE-2022-21496,CVE-2022-21299).

CVE(s): CVE-2022-21299 , CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21443 , CVE-2021-35561

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Tivoli Application Dependency Discovery Manager	7.3.0.0 – 7.3.0.9

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6601539
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217594
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224777
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224718
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224726
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211637

Medium Severity

Security Bulletin: A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2022-24070)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Vulnerability in the Node.js got module affects IBM Event Streams (CVE-2022-33987)

August 10, 2022 | Medium Severity

This security vulnerability affects the Node.js got module that is used by IBM Event Streams. ...read more

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote access due to Go CVE-2022-29526

August 10, 2022 | Medium Severity

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote access due to Go CVE-2022-29526 with details below ...read more

Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)

August 9, 2022 | Medium Severity

IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to improper input validation by the urllib.parse module from Python3. Vulnerability is addressed by upgrading Pytthon to version 3.9.7. ...read more

Medium Severity

Security Bulletin: IBM® SDK Java™ Technology Edition, is used by IBM Tivoli Application Dependency Discovery Manager (TADDM) and is vulnerable to a denial of service (CVE-2021-35561, CVE-2022-21443, CVE-2022-21434,CVE-2022-21496,CVE-2022-21299).

Security Bulletin: A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2022-24070)

Security Bulletin: A security vulnerability has been identified in jackson-databind shipped with IBM Tivoli Netcool Impact (CVE-2020-36518, WS-2021-0616)

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Vulnerability in the Node.js got module affects IBM Event Streams (CVE-2022-33987)

August 10, 2022 | Medium Severity

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote access due to Go CVE-2022-29526

August 10, 2022 | Medium Severity

Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)

August 9, 2022 | Medium Severity