Critical Severity

Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Sept. 2021 V1)

Share this post:

Multiple vulnerabilities affect IBM Cloud Object Storage Systems. These vulnerabilities have been addressed in the latest ClevOS releases.

CVE(s): CVE-2021-31618, CVE-2020-26691, CVE-2021-26690, CVE-2021-30641, CVE-2020-35452, CVE-2020-25649, CVE-2021-3516, CVE-2021-3518, CVE-2020-8231, CVE-2020-1927, CVE-2020-1934, CVE-2020-8284, CVE-2020-8286, CVE-2020-8285, CVE-2020-14393, CVE-2021-33910, CVE-2020-10769, CVE-2021-3156, CVE-2020-26116, CVE-2020-12723, CVE-2020-10878, CVE-2020-10543, CVE-2020-36185, CVE-2020-36181, CVE-2020-36189, CVE-2020-36188, CVE-2020-36184, CVE-2020-36180, CVE-2020-36183, CVE-2020-36179, CVE-2020-36187, CVE-2020-36186, CVE-2020-36182, CVE-2021-20190, CVE-2019-2974, CVE-2021-22876

Affected product(s) and affected version(s):

 CVEs IDs Affected Version(s)
CVE-2019-2974 3.15.1.52 or prior Release
CVE-2021-33910 3.15.7.80 or prior Release
CVE-2021-31618 3.15.7.60 or prior Release
CVE-2020-26691 3.15.7.60 or prior Release
CVE-2021-26690 3.15.7.60 or prior Release
CVE-2021-30641 3.15.7.60 or prior Release
CVE-2020-35452 3.15.7.60 or prior Release
CVE-2020-1934 3.15.7.60 or prior Release
CVE-2020-1927 3.15.7.60 or prior Release
CVE-2021-3518 3.15.7.43 or prior Release
CVE-2021-3516 3.15.7.43  or prior Release
CVE-2021-22876 3.15.7.60 or prior Release
CVE-2020-12723 3.15.1.52 or prior Release
CVE-2020-10878 3.15.1.52 or prior Release
CVE-2020-10543 3.15.1.52 or prior Release
CVE-2021-3156 3.15.4.38 or prior Release
CVE-2021-20190 3.15.4.38 or prior Release
CVE-2020-36185 3.15.4.38 or prior Release
CVE-2020-36181 3.15.4.38 or prior Release
 CVE-2020-36189 3.15.4.38 or prior Release
CVE-2020-36188 3.15.4.38 or prior Release
CVE-2020-36184 3.15.4.38 or prior Release
 CVE-2020-36180 3.15.4.38 or prior Release
CVE-2020-36183 3.15.4.38 or prior Release
CVE-2020-36179 3.15.4.38 or prior Release
CVE-2020-36187 3.15.4.38 or prior Release
CVE-2020-36186 3.15.4.38 or prior Release
CVE-2020-36182 3.15.4.38 or prior Release
CVE-2020-8231 3.15.1.52 or prior Release
CVE-2020-8284  3.15.4.38 or prior Release
CVE-2020-8286  3.15.4.38 or prior Release
CVE-2020-8285  3.15.4.38 or prior Release
CVE-2020-14393 3.15.1.52 or prior Release
CVE-2020-26116 3.15.3.38 or prior Release
CVE-2020-25649 3.15.4.38 or prior Release
CVE-2020-10769 3.15.1.52  or prior Release

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6490933
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203466
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203464
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203459
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203463
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/202838
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203144
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/186954
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/178936
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/178937
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192856
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192855
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188400
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205907
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/183857
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189404
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/183205
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/183204
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/183203
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194380
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194376
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194384
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194383
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194379
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194375
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194378
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194374
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194382
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194381
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/194377
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/195243
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/169280
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/199186

More stories

Security Bulletin: Multiple vulnerabilities affect IBM Rational® Application Developer for WebSphere® Software – September 2021

Oct 25, 2021 8:00 pm EDT | Critical Severity

Vulnerabilities detected in Node.js versions before v14.16.2 affects IBM Rational® Application Developer for WebSphere® Software. ...read more


Security Bulletin: Vulnerabilities affect Watson Explorer Foundational Components (CVE-2021-3712, CVE-2021-3711)

Oct 22, 2021 8:03 pm EDT | Critical Severity

A critical OpenSSL buffer overflow vulnerability and possible denial of service affect IBM Watson Explorer Foundational Components. IBM Watson Explorer Foundational Components has addressed the vulnerabilities by updating the version of OpenSSL. ...read more


Security Bulletin: IBM QRadar Advisor With Watson uses components with known vulnerabilities (CVE-2020-36242, CVE-2021-33503, CVE-2020-28493)

Oct 20, 2021 8:02 pm EDT | Critical Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. This update addresses these vulnerabilities. ...read more