High Severity

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2022

Share this post:

In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF012 and 22.0.1-IF002.

CVE(s): CVE-2021-35561 , CVE-2022-35279, CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21443 , CVE-2022-25896, CVE-2022-35644, CVE-2022-22476, CVE-2018-25031, CVE-2022-21299 , CVE-2022-28948, IBM X-Force ID:   221508

Affected product(s) and affected version(s):

Affected Product(s) Version(s) Status

IBM Cloud Pak for Business Automation

V22.0.1 – V22.0.1-IF001 affected
IBM Cloud Pak for Business Automation V21.0.3 – V21.0.3-IF011 affected
IBM Cloud Pak for Business Automation

V21.0.2 – V21.0.2-IF012 and later fixes
V21.0.1 – V21.0.1-IF007 and later fixes
V20.0.1 – V20.0.3 and later fixes
V19.0.1 – V19.0.3 and later fixes
V18.0.0 – V18.0.2 and later fixes

affected

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6618013
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211637
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230537
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224777
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224718
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224726
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230257
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230957
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/225604
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217346
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217594
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226978

More stories

Security Bulletin: A Kafka vulnerability affects IBM Operations Analytics Predictive Insights (CVE-2022-34917 )

November 29, 2022 | High Severity

Kafka vulnerability affects IBM Operations Analytics Predictive Insights [CVE-2022-34917]. Kafka is used by IBM Operations Analytics Predictive Insight in the data ingestion and processing services. The vulnerabilities have been addressed. ...read more


Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.4ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16 – 2022.4.0

November 29, 2022 | High Severity

Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2022-42932, CVE-2022-40956, CVE-2022-42928, CVE-2022-42929, CVE-2022-42927, CVE-2022-40962, CVE-2022-40958, CVE-2022-40960, CVE-2022-40957, CVE-2022-40959 ...read more


Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty profile affects IBM Operations Analytics Predictive Insights(CVE-2022-22393 CVE-2022-22476 CVE-2022-22475)

November 29, 2022 | High Severity

Websphere Application Server Liberty profile is used in the UI component of IBM Operations Analytics Predictive Insights. The vulnerabilities have been addressed. ...read more