Medium Severity

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

June 21, 2022

Share this post:

IBM Java is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms is impacted by an unauthorized data access issue in IBM Java (CVE-2021-35550). IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms has upgraded IBM Java to version 8.0.7.10 to address the issue.

CVE(s): CVE-2021-35550

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Sterling Connect:Direct FTP+	1.3.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6597285
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211627

Medium Severity

Security Bulletin: Vulnerability in OpenSSL affects IBM Watson Explorer (CVE-2022-0778)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 (8.0.7.5). ...read more

Security Bulletin: Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291, CVE-2022-21248)

June 27, 2022 | Medium Severity

There are a number of vulnerabilities in the Java JDK used by IBM Event Streams. ...read more

Medium Severity

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Security Bulletin: Vulnerability in OpenSSL affects IBM Watson Explorer (CVE-2022-0778)

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Application Server January 2022 CPU that is bundled with IBM WebSphere Application Server Patterns

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

Security Bulletin: Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291, CVE-2022-21248)

June 27, 2022 | Medium Severity

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity