Medium Severity

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14621)

Nov 17, 2020 7:00 pm EST

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ and IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Decision Optimization Center (DOC)	3.9.1
IBM Decision Optimization Center (DOC)	3.9.0.2
IBM ILOG Optimization Decision Manager Enterprise (ODME)	3.9.0.1
IBM Decision Optimization Center (DOC)	3.9
IBM Decision Optimization Center (DOC)	3.8.0.2
IBM Decision Optimization Center (DOC)	3.8.0.1
IBM Decision Optimization Center (DOC)	3.8
IBM Decision Optimization Center (DOC)	3.7.0.2
IBM ILOG Optimization Decision Manager Enterprise (ODME)	3.7.0.1
IBM ILOG Optimization Decision Manager Enterprise (ODME)	3.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6369221

Medium Severity

Security Bulletin: App Connect Enterprise Certified Container Dashboard is vulnerable to (CVE-2020-15168)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.

Feb 26, 2021 7:01 pm EST | Medium Severity

There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), Global Configuration Management (GCM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Requirements Quality Assistant On-Premises (RQA On-Prem), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM). ...read more

Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564)

Feb 26, 2021 7:01 pm EST | Medium Severity

IBM Cloud Private is vulnerable to Kubernetes vulnerabilities ...read more

Security Bulletin: IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590)

Feb 26, 2021 7:01 pm EST | Medium Severity

IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability ...read more

Medium Severity

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Decision Optimization Center (CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14621)

Security Bulletin: App Connect Enterprise Certified Container Dashboard is vulnerable to (CVE-2020-15168)

Security Bulletin: An unspecified vulnerability in Java SE or Oracle Java SE could allow an unauthenticated attacker

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.

Feb 26, 2021 7:01 pm EST | Medium Severity

Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564)

Feb 26, 2021 7:01 pm EST | Medium Severity

Security Bulletin: IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590)

Feb 26, 2021 7:01 pm EST | Medium Severity