Medium Severity

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus (CVE-2021-3712)

Share this post:

Vulnerabilities in OpenSSL affect IBM Integration Bus The DataDirect ODBC Drivers & Nodejs used by IBM Integration Bus have addressed the applicable CVEs

CVE(s): CVE-2021-3712

Affected product(s) and affected version(s):

IBM App Connect Enterprise – 12.0.x Marked as Invalid

IBM App Connect Enterprise – 9.0.x Marked as Invalid

IBM App Connect Enterprise – 11.0.x Marked as Invalid

IBM Integration Bus V10.0.0 – V10.0.0.24

('IT38663 addresses the DataDirect ODBC driver' )

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6526078
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/208073

More stories

Security Bulletin: IBM Sterling Control Center is vulnerable to remote code execution due to Apache Log4j (CVE-2021-44832)

Jan 21, 2022 7:00 pm EST | Medium Severity

Apache Log4j remote code execution vulnerability affects IBM Sterling Control Center. Customers are strongly encouraged to take action and apply the fix below. ...read more


Security Bulletin: Sensitive information in logs vulnerability affects IBM Sterling Gentran:Server for Windows (CVE-2021-39032)

Jan 21, 2022 7:00 pm EST | Medium Severity

IBM Sterling Gentran:Server for Windows has addressed a potential vulnerability where sensitive information could be stored in log files. ...read more


Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Archive Enterprise Edition (CVE-2021-44832)

Jan 21, 2022 7:00 pm EST | Medium Severity

A vulnerability in Apache Log4j could result in remote code execution. IBM Spectrum Archive Enterprise Edition includes the IBM Spectrum Protect Backup-Archive Client which installs the vulnerable Log4j files. The below fix package includes Apache Log4j 2.17.1. ...read more