Medium Severity

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling External Authentication Server. IBM Sterling External Authentication Server has addressed the applicable CVEs.

CVE(s): CVE-2021-35578 , CVE-2021-35550 , CVE-2021-2369 , CVE-2022-21291 , CVE-2021-35603

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Secure External Authentication Server 6.0.3
IBM Sterling External Authentication Server 2.4.3.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6586700
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211627
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205796
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217586
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211676

More stories


Security Bulletin: IBM InfoSphere Information Server Pack for SAP Apps and BW Packs is affected by an improper validation vulnerability

June 30, 2022 | Medium Severity

An improper validation vulnerability in IBM InfoSphere Information Server Pack for SAP Apps and BW Packs was addressed. ...read more