Medium Severity

Security Bulletin: March 2021 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Share this post:

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM CICS Transaction Gateway 9.2.0.0 – 9.2.0.2
IBM CICS Transaction Gateway 9.1.0.0 – 9.1.0.3
IBM CICS Transaction Gateway 9.0.0.0 – 9.0.0.5
IBM CICS Transaction Gateway 8.1.0.0 – 8.1.0.5
IBM CICS Transaction Gateway 8.0.0.0 – 8.0.0.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6431181

More stories

Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-38877)

Sep 22, 2021 8:04 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more


Security Bulletin: Cache control vulnerability affects IBM Edge (CVE-2020-4805).

Sep 22, 2021 8:03 pm EDT | Medium Severity

IBM Edge is affected by a cache control vulnerability. IBM Edge has resolved this vulnerability. ...read more


Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29810)

Sep 22, 2021 8:03 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more