High Severity

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Oct 2019 CPU (CVE-2019-2964, CVE-2019-2989 )

Share this post:

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.0 to 4.1.0.3. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019. There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms 4.1.0.4 to 4.1.0.5. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli System Automation for Multiplatforms 4.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/4790613

More stories

Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony

Mar 5, 2021 7:00 pm EST | High Severity

Vulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central. ...read more


Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 5, 2021 7:00 pm EST | High Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more


Security Bulletin: Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass (CVE-2020-7692)

Mar 4, 2021 7:00 pm EST | High Severity

Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass, caused by no PKCE support implemented. ...read more