Medium Severity

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to an unspecified vulnerability in Java SE ( CVE-2022-21291)

Share this post:

An unspecified vulnerability in Java SE – CVE-2022-21291 related to the VM component has been identified that affects IBM Watson Assistant for IBM Cloud Pak for Data. Java SE is used by IBM Watson Assistant for IBM Cloud Pak for Data as part of its platform for developement of core functionalities. The fix includes version 8u312. Refer to details for additional information.

CVE(s): CVE-2022-21291

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Watson Assistant for IBM Cloud Pak for data 1.5.0, 4.0.0, 4.0.2, 4.0.4, 4.0.5, 4.0.6, 4.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6583947
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217586

More stories

Security Bulletin: IBM Sterling Partner Engagement Manager vulnerable to denial of service due to Apache Shiro (CVE-2022-32532)

September 23, 2022 | Medium Severity

IBM Sterling Partner Engagement Manager uses Apache Shiro library 1.9.1, where A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. The issue has been addressed. ...read more


Security Bulletin: IBM MQ Appliance is vulnerable to cross-site scripting (CVE-2022-31744)

September 23, 2022 | Medium Severity

IBM MQ Appliance has resolved a cross-site scripting vulnerability. ...read more


Security Bulletin: Due to RPM, AIX is vulnerable to arbitrary code execution (CVE-2021-20271), RPM database corruption (CVE-2021-3421), and denial of service (CVE-2021-20266)

September 23, 2022 | Medium Severity

AIX is vulnerable to arbitrary code execution (CVE-2021-20271), RPM database corruption (CVE-2021-3421), and denial of service (CVE-2021-20266) due to RPM. RPM is used by AIX for package management. ...read more