Medium Severity

Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (March 2021)

Share this post:

Multiple vulnerabilities affect IBM Cloud Object Storage Systems. These vulnerabilities have been addressed in the latest ClevOS releases.

Affected product(s) and affected version(s):

CVE-ID Release Fixed In Affected ClevOS Releases
CVE-2019-15807 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-7308 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-3882 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-11810 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-11811 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-3901 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-10639 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-14821 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-5489 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19049 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19046 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-18786 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-11599 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-18282 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2020-11935 3.12.4.211 3.12.4.200 or Prior 3.12 Release 
CVE-2019-13272 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19527 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19537 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19524 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19526 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19530 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19532 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 
CVE-2019-19037 3.12.4.211
3.13.6.175
3.14.13.80
3.12.4.200 or Prior 3.12 Release 
3.13.6.166 or Prior 3.13 Release
3.14.11.41 or Prior 3.14 Release 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6421491

More stories

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4757, PSIRT-ADV0028011, CVE-2020-4934

Apr 21, 2021 8:00 pm EDT | Medium Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more


Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Performance Server

Apr 21, 2021 8:00 pm EDT | Medium Severity

GNU Binutils is used by IBM Netezza Platform Server. IBM Netezza Platform Server has addressed the applicable CVEs. ...read more


Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect Apache Solr shipped with IBM Operations Analytics – Log Analysis

Apr 20, 2021 8:00 pm EDT | Medium Severity

There are vulnerabilities in various versions of Eclipse Jetty that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. ...read more