High Severity

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities

Share this post:

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities with details below

CVE(s): CVE-2022-32212, CVE-2022-32213, CVE-2022-32223, CVE-2022-32214, CVE-2022-32222, CVE-2022-32215

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Platform Navigator in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1
2021.3.1
2021.4.1
2022.2.1
Automation Assets in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1
2021.4.1
2022.2.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6611585
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230660
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230657
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230661
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230662
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/230659

More stories

Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

October 6, 2022 | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. ...read more


Security Bulletin: IBM QRadar DNS Analyzer App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2022-31129, CVE-2022-24785, CVE-2017-18214)

October 5, 2022 | High Severity

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. ...read more


Security Bulletin: IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2021-40690, CVE-2022-25647, XFID: 233967)

October 5, 2022 | High Severity

IBM Planning Analytics Workspace is affected by multiple vulnerabilities. Apache Santuario Security for Java provides a mechanism for XML-Signature & XML Encryption syntax and processing (CVE-2021-40690). Google Gson is an open-source Java library to serialize and deserialize Java objects to (and from) JSON (CVE-2022-25647). Maven okHTTP is an efficient HTTP & HTTP/2 client for Android and Java applications (XFID:233967). These vulnerabilities have been addressed. ...read more