High Severity

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2022

Share this post:

In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF010 and 21.0.3-IF008.

CVE(s): CVE-2021-39038, CVE-2022-0536, CVE-2022-0155, CVE-2021-35603 , CVE-2022-0235, CVE-2021-38966, CVE-2021-39031, CVE-2022-21365 , CVE-2022-21360 , CVE-2022-21349 , CVE-2022-21341 , CVE-2022-21340 , CVE-2022-21305 , CVE-2022-21294 , CVE-2022-21293 , CVE-2022-21291 , CVE-2022-21248 , CVE-2021-29859, CVE-2021-35550

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s) Status

IBM Cloud Pak for Business Automation

V21.0.3 – V21.0.3-IF008 affected
IBM Cloud Pak for Business Automation V21.0.2 – V21.0.2-IF009 affected
IBM Cloud Pak for Business Automation

V21.0.1 – V21.0.1-IF007
V20.0.1 – V20.0.3
V19.0.1 – V19.0.3
V18.0.0 – V18.0.2

affected

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6578583
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/213968
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219551
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216974
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211676
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217758
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/212357
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/213875
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217659
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217643
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217636
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217635
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217600
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217589
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217588
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217586
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217543
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206081
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211627

More stories

Security Bulletin: Multiple vulnerabilities in Golang Go affect Cloud Pak System

August 16, 2022 | High Severity

Multiple vulnerabilities in Golang Go affect Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: Vulnerabilities in Intel Chipset affect IBM Cloud Pak System (CVE-2021-0060, CVE-2021-0147, CVE-2021-33080)

August 16, 2022 | High Severity

Vulnerabilities in Intel Chipset affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)

August 16, 2022 | High Severity

A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. ...read more