High Severity

Security Bulletin: Multiple Apache Tomcat Vulnerabilities Affect IBM Control Center

Share this post:

Multiple Apache Tomcat vulnerabilities affect IBM Control Center. See vulnerability details for descriptions.

CVE(s): CVE-2020-9484, CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-13943, CVE-2020-17527, CVE-2021-24122

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Control Center 6.2.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6453463
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/182231
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/184012
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/185239
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/185227
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189643
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192612
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194894

More stories

Security Bulletin: OpenSSH for IBM i is affected by CVE-2021-41617

Dec 1, 2021 7:02 pm EST | High Severity

OpenSSH on IBM i is vulnerable to the issue described in the vulnerability details section. The applicability of the vulnerability is determined by an application's specific use of OpenSSH. IBM i has addressed the CVE in the OpenSSH implementation. ...read more


Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoringhas applied security fixes for its use of Mozilla Firefox

Dec 1, 2021 7:01 pm EST | High Severity

IBM Cloud Pak for Multicloud Management Monitoringhas applied security fixes for its use of Mozilla Firefox. ...read more


Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Dec 1, 2021 7:01 pm EST | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. ...read more