High Severity

Security Bulletin: Vulnerabilities in IBM Db2, Golang Go, and Logback may affect the IBM Spectrum Protect Server (CVE-2022-30631, CVE-2022-30633, CVE-2022-1705, CVE-2022-22389, CVE-2022-22390, CVE-2021-42550, CVE-2022-30629)

Share this post:

The IBM Spectrum Protect Server may be affected by vulnerabilities in IBM Db2, Golang Go, and Logback such as denial of service, HTTP request smuggling, obtaining sensitive information, and execution of arbitrary code.

CVE(s): CVE-2022-30631, CVE-2022-30633, CVE-2022-1705, CVE-2022-22389, CVE-2022-22390, CVE-2021-42550, CVE-2022-30629

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Protect Server 8.1.0.000-8.1.15.xxx

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6621115
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/233144
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/233146
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/233258
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221970
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221973
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215533
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229859

More stories

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

September 22, 2022 | High Severity

There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. ...read more


Security Bulletin: A spoofing vulnerablity due to an exposure in Eclipse Paho used by IBM WebSphere Application Server Liberty affects TXSeries for Multiplatforms

September 22, 2022 | High Severity

TXSeries for Multiplatforms has addressed the following identity spoofing vulnerability in Eclipse Paho reported by IBM® WebSphere Application Server Liberty ...read more


Security Bulletin: IBM CICS TX Advanced is vulnerable to spoofing due to a flaw in Eclipse Paho, used by IBM WebSphere Application Server Liberty (CVE-2019-11777)

September 22, 2022 | High Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the spoofing vulnerability CVE-2019-11777 from Liberty. ...read more