Medium Severity

Security Bulletin: The vulnerability CVE-2022-21299 in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional

Share this post:

The CVE-2022-21299 issue was disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs. This vulnerability is addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost.

CVE(s): CVE-2022-21299

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM WebSphere Cast Iron

v7.5.1.0

App Connect Professional 

v7.5.2.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6603983
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217594

More stories

Security Bulletin: IBM Robotic Process Automation is vulnerable to man in the middle attacks through manipulation of client proxy (CVE-2022-36774)

October 3, 2022 | Medium Severity

IBM Robotic Process automation is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. ...read more


Security Bulletin: IBM Robotic Process Automation is vulnerable to a remote attacker bypassing security restrictions due to node.js got module (CVE-2022-33987)

October 3, 2022 | Medium Severity

Node.js got module is used by IBM Robotic Process Automation as part of the web carbon framework. CVE-2022-33987. The fix includes carbon-components 10.56.0. ...read more


Security Bulletin: IBM Robotic Process Automation is vulnerable to cross origin resource shareing using the bot api (CVE-2022-41294)

October 3, 2022 | Medium Severity

IBM Robotic Process Automation is vulnerable to cross origin resource sharing using the bot api. ...read more