High Severity
Security Bulletin: Vulnerabilities in IBM Java Runtime and Golang Go affect IBM Spectrum Protect Server (CVE-2021-35578, CVE-2021-44716, CVE-2021-44717)
March 11, 2022
Categorized: High Severity
Share this post:
The IBM Spectrum Protect Server might be affected by vulnerabilties in IBM® Runtime Environment Java™ and Golang Go such as denial of service and bypassing security restrictions. The Java vulnerability was disclosed as part of the IBM Java SDK updates in October 2021.
CVE(s): CVE-2021-35578 , CVE-2021-44716, CVE-2021-44717
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Protect Server |
8.1.0.000-8.1.13.xxx (Java CVE) |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6562873
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211654
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216553
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216563
Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778
May 20, 2022 | High Severity
An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more
Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation
May 17, 2022 | High Severity
IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more
Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal
May 17, 2022 | High Severity
IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more