High Severity

Security Bulletin: IBM Security Guardium is affected by OpenSSL denial of service vulnerabilities (CVE-2021-23840, CVE-2021-23841)

Share this post:

IBM Security Guardium has fixed these vulnerabilities.

CVE(s): CVE-2021-23840, CVE-2021-23841

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Guardium 11.0
IBM Security Guardium 11.1
IBM Security Guardium 11.2
IBM Security Guardium 11.3
IBM Security Guardium 11.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6563575
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196848
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196847

More stories

Security Bulletin: IBM Engineering Test Management is vulnerable to arbitrary data access due to XStream ( CVE-2020-26258, CVE-2020-26259 )

July 4, 2022 | High Severity

IBM Engineering Test Management is vulnerable to remote attacker having access to snesitive data or to arbitrary files from system due to XStream. ...read more


Security Bulletin: IBM Integration Bus and IBM App Connect Enterprise are vulnerable to arbitrary code execution due to async ( CVE-2021-43138) and nconf (CVE-2022-21803)

July 4, 2022 | High Severity

IBM Integration Bus and IBM App Connect Enterprise are vulnerable to arbitrary code execution, due to the async (CVE-2021-43138) and nconf (CVE-2022-21803) modules for Node.js. A mitigation has been provided for IBM Integration Bus. The latest fix packs for IBM App Connect Enterprise includes async >=3.2.3 and nconf 0.12.0 ...read more