Medium Severity
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2021-4160)
May 12, 2022
Categorized: Medium Severity
Share this post:
IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.
CVE(s): CVE-2021-4160
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM App Connect Enterprise | 12.0.1.0 – 12.0.3.0 |
| IBM App Connect Enterprise | 11.0.0.0 – 11.0.0.16 |
| IBM Integration Bus | 10.0.0.0 – 10.0.0.26 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6585694
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218394
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22436)
July 5, 2022 | Medium Severity
IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more
Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting (CVE-2022-22435)
July 5, 2022 | Medium Severity
IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to cross-site scripting. ...read more
Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)
July 5, 2022 | Medium Severity
There is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams. ...read more