Medium Severity

Security Bulletin: Vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus

Nov 20, 2020 7:00 pm EST

Share this post:

Multiple vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Spectrum Protect Plus	10.1.0-10.1.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6367943

Medium Severity

Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.

Feb 26, 2021 7:01 pm EST | Medium Severity

There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), Global Configuration Management (GCM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Requirements Quality Assistant On-Premises (RQA On-Prem), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM). ...read more

Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564)

Feb 26, 2021 7:01 pm EST | Medium Severity

IBM Cloud Private is vulnerable to Kubernetes vulnerabilities ...read more

Security Bulletin: IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590)

Feb 26, 2021 7:01 pm EST | Medium Severity

IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability ...read more

Medium Severity

Security Bulletin: Vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus

Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)

Security Bulletin: Vulnerabilities in IBM Db2 and IBM Java Runtime affect IBM Spectrum Protect Server

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.

Feb 26, 2021 7:01 pm EST | Medium Severity

Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564)

Feb 26, 2021 7:01 pm EST | Medium Severity

Security Bulletin: IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590)

Feb 26, 2021 7:01 pm EST | Medium Severity