Medium Severity

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote access due to Go CVE-2022-29526

Share this post:

Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote access due to Go CVE-2022-29526 with details below

CVE(s): CVE-2022-29526

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Platform Navigator in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1
2021.3.1
2021.4.1
2022.2.1
Automation Assets in IBM Cloud Pak for Integration (CP4I) 2020.4.1
2021.1.1
2021.2.1
2021.4.1
2022.2.1

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6611581
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229593

More stories

Security Bulletin: IBM Robotic Process Automation is vulnerable to man in the middle attacks through manipulation of client proxy (CVE-2022-36774)

October 3, 2022 | Medium Severity

IBM Robotic Process automation is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. ...read more


Security Bulletin: IBM Robotic Process Automation is vulnerable to a remote attacker bypassing security restrictions due to node.js got module (CVE-2022-33987)

October 3, 2022 | Medium Severity

Node.js got module is used by IBM Robotic Process Automation as part of the web carbon framework. CVE-2022-33987. The fix includes carbon-components 10.56.0. ...read more


Security Bulletin: IBM Robotic Process Automation is vulnerable to cross origin resource shareing using the bot api (CVE-2022-41294)

October 3, 2022 | Medium Severity

IBM Robotic Process Automation is vulnerable to cross origin resource sharing using the bot api. ...read more