Low Severity
Security Bulletin: This Power System update is being released to address CVE-2020-1968
May 23, 2022
Categorized: Low Severity
Share this post:
POWER9: In response to a security issue with FSP’s ASMi web GUI connection via OpenSSL a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2020-1968
CVE(s): CVE-2020-1968
Affected product(s) and affected version(s):
Firmware release FW940 and FW950 are affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6589103
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/187977
Security Bulletin: A security vulnerability has been identified in Zlib shipped with IBM Tivoli Netcool Impact (CVE-2018-25032)
July 6, 2022 | Low Severity
Zlib is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Zlib has been published in a security bulletin. ...read more
Security Bulletin: IBM Engineering Lifecycle Management is vulnerable to execute local scripts to access the cookie(s) when set without the HttpOnly flag.(CVE-2021-20355)
July 6, 2022 | Low Severity
Summary guidance: - The Jazz Team Server is vulnerable to execute local scripts to access the cookie(s) and transmitted it to another site when cookie(s) is set without the HttpOnly flag. ...read more
Security Bulletin: A security vulnerability has been identified in in IBM Java SDK shipoped with IBM Tivoli Netcool Impact (CVE-2021-35603)
July 6, 2022 | Low Severity
There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable CVE. ...read more