Critical Severity
Security Bulletin: Multiple CVEs – Vulnerabilities in IBM Java Runtime affect IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager
February 22, 2021
Categorized: Critical Severity
Share this post:
Vulnerabilities in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs.
Affected product(s) and affected version(s):
| Affected products | Versions |
| Integration Designer | 8.5.7 |
| Integration Designer | 19.0.0.2 |
| Integration Designer | 20.0.0.1 |
| Integration Designer | 20.0.0.2 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6416559
Security Bulletin: IBM Tivoli Netcool Impact is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)
July 5, 2022 | Critical Severity
IBM Tivoli Netcool Impact is affected but not classified as vulnerable to a remote code execution in Spring Framework (CVE-2022-22965).Spring is shipped as part of ActiveMQ package but is not used by the product. The fix removes Spring from the product. ...read more
Security Bulletin: IBM QRadar Network Packet Capture includes multiple vulnerable components.
July 5, 2022 | Critical Severity
The product includes multiple vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the relevant CVEs. ...read more
Security Bulletin: Vulnerability in PostgreSQL may affect IBM Spectrum Protect Plus
June 30, 2022 | Critical Severity
PostgreSQL could allow a remote attacker to gain unauthorized access to the system which may affect IBM Spectrum Protect Plus. ...read more