Low Severity

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise (CVE-2020-1968)

Share this post:

Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprsie. The DataDirect ODBC Drivers used by IBM App Connect Enterprise and IBM Integration Bus have addressed the applicable CVEs.

Affected product(s) and affected version(s):

IBM App Connect V11.0.0.0 – V11.0.0.11

IBM Integration Bus V10.0.0.0 -V10.0.0.23     

IBM Integration Bus V9.0.0.0 – V9.0.0.11

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6444819

More stories

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-2773)

Jun 9, 2021 8:00 pm EDT | Low Severity

IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE. ...read more


Security Bulletin: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker

Jun 7, 2021 8:00 pm EDT | Low Severity

An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. ...read more


Security Bulletin: IBM DataPower Gateway GUI permits use of GET

Jun 4, 2021 8:01 pm EDT | Low Severity

The IBM DataPower GUI uses HTTP POST for operations that require information from the client. However, the GUI also responds to GET operations on the same URLs. While such GET operations are never initiated by the GUI, use of GET in such a manner could reveal sensitive information, so the GUI will no longer accept URL query parameters on GET operations ...read more