Critical Severity

Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities

Share this post:

Apache HTTP Server provides HTTP services for SiteProtector. IBM Security SiteProtector System has addressed the following vulnerabilities in a Core express update:

CVE(s): CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2021-44790, CVE-2021-44224

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security SiteProtector System 3.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6591347
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221667
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221668
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221666
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215686
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215719

More stories

Security Bulletin: IBM Case Manager is affected but not classified as vulnerable to a remote code execution in Spring Framework [CVE-2022-22965]

September 30, 2022 | Critical Severity

IBM Case Manager is affected but not classified as vulnerable to a remote code execution in Spring Framework [CVE-2022-22965]. To be vulnerable a product must meet all of the following criterias: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR (in contrast to a Spring Boot executable jar), 4. Spring-webmvc or spring-webflux dependency, 5. Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions. Cloud connector service if enabled will use only the spring, as in a client to make only the REST calls with IBM Cloud Mangement Console. The fix includes Spring 5.3.18. IBM Case Manager doesn't meet all of the criterias and, therefore, is not vulnerable. ...read more


Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC

September 23, 2022 | Critical Severity

There are multiple vulnerabilities in Curl that affect PowerSC. ...read more


Security Bulletin: A security vulnerability has been identified in Postgresql shipped with IBM Tivoli Netcool Impact (CVE-2022-26520, CVE-2022-21724, 220313)

September 21, 2022 | Critical Severity

Postgresql is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Postgresql has been published in a security bulletin. ...read more