High Severity

Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler

Share this post:

OpenSSL vulnerabilities CVE-2021-3449 and CVE-2021-3450 have been disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Scheduler. IBM Workload Scheduler has addressed the CVE

CVE(s): CVE-2021-3449, CVE-2021-3450

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Workload Automation 9.5
IBM Workload Automation 9.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6479351
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198752
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198754

More stories

Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

October 6, 2022 | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. ...read more


Security Bulletin: IBM QRadar DNS Analyzer App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2022-31129, CVE-2022-24785, CVE-2017-18214)

October 5, 2022 | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. ...read more


Security Bulletin: IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2021-40690, CVE-2022-25647, XFID: 233967)

October 5, 2022 | High Severity

IBM Planning Analytics Workspace is affected by multiple vulnerabilities. Apache Santuario Security for Java provides a mechanism for XML-Signature & XML Encryption syntax and processing (CVE-2021-40690). Google Gson is an open-source Java library to serialize and deserialize Java objects to (and from) JSON (CVE-2022-25647). Maven okHTTP is an efficient HTTP & HTTP/2 client for Android and Java applications (XFID:233967). These vulnerabilities have been addressed. ...read more