Medium Severity

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Spring Framework

Share this post:

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Spring Framework.

CVE(s): CVE-2022-22971, CVE-2022-22970, CVE-2022-22968

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Watson Discovery 4.0.0-4.0.9

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6584219
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226492
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226491
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224374

More stories

Security Bulletin: IBM CICS TX Standard is vulnerable to a local user causing a denial of service. (CVE-2022-34308)

October 4, 2022 | Medium Severity

IBM CICS TX Standard could allow a local user to cause a denial of service due to improper load handling. The fix removes this vulnerability (CVE-2022-34308) from IBM CICS TX Standard. ...read more


Security Bulletin: A security vulnerability has been identified in Apache HttpClient shipped with IBM Tivoli Netcool Impact (CVE-2020-13956)

October 4, 2022 | Medium Severity

Apache HttpClient is shipped with IBM Tivoli Netcool Impact to handle HTTP communications. . Information about a security vulnerability affecting Apache HttpClient has been published in a security bulletin. ...read more


Security Bulletin: A vulnerability in Apache WSS4J affects IBM Tivoli Business Service Manager (CVE-2014-3623)

October 4, 2022 | Medium Severity

Apache WSS4J is shipped with IBM Tivoli Business Manager 6.2.0 as part of its web services infrastructure. Information about security vulnerabilities affecting Apache WSS4J has been published in a security bulletin. ...read more