Medium Severity

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Netcool Impact (CVE-2022-21496, CVE-2022-21434, CVE-2022-21443)

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVEs. These issues were disclosed in the Oracle April 2022 Critical Patch Update, minus CVE-2022-21426

CVE(s): CVE-2022-21496 , CVE-2022-21434 , CVE-2022-21443

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli Netcool Impact 7.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6601533
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224777
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224718
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/224726

More stories

Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)

August 9, 2022 | Medium Severity

IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to improper input validation by the urllib.parse module from Python3. Vulnerability is addressed by upgrading Pytthon to version 3.9.7. ...read more


Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to SnakeYAML (CVE-2017-18640)

August 9, 2022 | Medium Severity

MyFG 2.0 of IBM Sterling B2B Integrator uses SnakeYAML. There is a denial of service vulnerability in SnakeYAML which has been addressed. ...read more


Security Bulletin: Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2021-35550, CVE-2021-35603)

August 9, 2022 | Medium Severity

There are a number of vulnerabilities in the Java JDK used by IBM Event Streams. ...read more