Medium Severity

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2021-4160)

Share this post:

IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.

CVE(s): CVE-2021-4160

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM App Connect Enterprise 12.0.1.0 – 12.0.3.0
IBM App Connect Enterprise 11.0.0.0 – 11.0.0.16
IBM Integration Bus 10.0.0.0 – 10.0.0.26

 

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6585694
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218394

More stories

Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22436)

July 5, 2022 | Medium Severity

IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more


Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22435)

July 5, 2022 | Medium Severity

IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more


Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)

July 5, 2022 | Medium Severity

There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. ...read more