Low Severity

Security Bulletin: IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities (CVE-2021-22137, CVE-2021-22135)

Share this post:

IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities. A recent update has addressed these issues.

CVE(s): CVE-2021-22137, CVE-2021-22135

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Resilient OnPrem IBM Security SOAR

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6493015
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201915
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201914

More stories

Security Bulletin:Liberty for Java for IBM Cloud is vulnerable to Information Disclosure (CVE-2021-29842)

Oct 13, 2021 8:01 pm EDT | Low Severity

IBM WebSphere Application Server Liberty is vulnerable to Information Exposure. ...read more


Security Bulletin: A Vulnerability in IBM Java Runtime Affects IBM Sterling Connect:Direct for UNIX

Oct 13, 2021 8:00 pm EDT | Low Severity

There is a vulnerability in IBM® Runtime Environment Java™ Versions 8.0.6.15, 8.0.6.0, 8.0.5.40, 8.0.5.30, 8.0.5.35, 7.0.10.70, and 7.0.10.40, used by IBM Sterling Connect:Direct for UNIX on AIX, Linux, Solaris, and HP-UX platforms. IBM Sterling Connect:Direct for UNIX has addressed the applicable CVEs. ...read more


Security Bulletin:Liberty for Java for IBM Cloud is vulnerable to Information Disclosure (CVE-2021-29842)

Oct 13, 2021 2:45 pm EDT | Low Severity

IBM WebSphere Application Server Liberty is vulnerable to Information Exposure. ...read more