Medium Severity

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) ( CVE-2021-20417, CVE-2021-20415)

Share this post:

There are multiple vulnerabilities identified in IBM Guardium Data Encryption (GDE). These vulnerabilities have been fixed in GDE 4.0.0.5. Please apply the latest version to obtain the fixes.

CVE(s): CVE-2021-20417, CVE-2021-20415

Affected product(s) and affected version(s):

Affected Product

Version

GDE

4.0.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6469691
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196219
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196217

More stories

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM i

Sep 24, 2021 8:00 pm EDT | Medium Severity

Apache HTTP Server on IBM i is vulnerabile to the issues described in the vulnerability details section. IBM i has addressed the vulnerabilities in the Apache HTTP Server implementation as described in the remediation/fixes section. ...read more


Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.

Sep 23, 2021 8:00 pm EDT | Medium Severity

WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. ...read more


Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-38877)

Sep 22, 2021 8:04 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more