Medium Severity
Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (CVE-2020-2654, CVE-2020-2781, CVE-2020-2800)
August 20, 2020
Categorized: Medium Severity
Share this post:
There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control . These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU January 2020 and April 2020.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Spectrum Control | 5.3.1 – 5.3.7 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6261323
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnerable to Denial of Service (CVE-2021-35578)
May 18, 2022 | Medium Severity
IBM Security Identity Governance and Intelligence is vulnerable to denial of service by an unauthenticated attacker due to a vulnerability in Java SE related to the JSSE component (CVE-2021-35578). The fix includes upgrading Java SE and Liberty to patched versions. ...read more
Security Bulletin: IBM Security Identity Governance and Intelligence is vulnarable to exposure of sensitive information (CVE-20204970)
May 18, 2022 | Medium Severity
IBM Security Identity Governance and Intelligence could expose sensitive information due to non enforcement of HTTP Strict Transport Security (CVE-2020-4970). This vulnerability can lead to various security threats and has been resolved by implementing the required code fix. ...read more
Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server
May 18, 2022 | Medium Severity
Security Vulnerabilities in WebSphere Liberty affect IBM Voice Gateway. ...read more