Medium Severity

Security Bulletin: June 2022 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed seven CVEs that can allow denial of service and three CVEs that can allow no confidentiallty impact.

CVE(s): CVE-2022-21365 , CVE-2022-21360 , CVE-2022-21349 , CVE-2022-21341 , CVE-2022-21340 , CVE-2022-21305 , CVE-2022-21294 , CVE-2022-21293 , CVE-2022-21291 , CVE-2022-21248

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM CICS Transaction Gateway v9.2.0.0 – 9.2.0.2
IBM CICS Transaction Gateway v9.1.0.0 – 9.1.0.3
IBM CICS Transaction Gateway v9.0.0.0 – 9.0.0.5
IBM CICS Transaction Gateway v8.1.0.0 – 8.1.0.5
IBM CICS Transaction Gateway v8.0.0.0 – 8.0.0.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6597243
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217659
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217643
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217636
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217635
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217600
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217589
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217588
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217586
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217543

More stories

Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 (8.0.7.5). ...read more



Security Bulletin: IBM SDK, Java Technology Edition, Security Update October 2021

June 27, 2022 | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that are used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates in October 2021. IBM 8 Fix SR7 FP5 (8.0.7.5). ...read more