High Severity

Security Bulletin: Vulnerabilities in the Python, Docker, and ICP affect IBM Spectrum Discover

Share this post:

Vulnerabilities in the Python, Docker, and ICP such as a hole to obtain confidential information, denial of service, unauthorized access with high privileges, duplicate entries and CRLF injection, may affect IBM Spectrum Discover

CVE(s): CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564, CVE-2021-21285, CVE-2021-21284, CVE-2020-26137, CVE-2020-15187, CVE-2020-15186, CVE-2020-15185, CVE-2020-15184, CVE-2020-8553, CVE-2020-8557, CVE-2020-8559, CVE-2020-26116, CVE-2020-8555, CVE-2018-1002102, CVE-2019-11255, CVE-2019-11252, CVE-2020-8558, CVE-2020-25659, Third Party Entry:   182747

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Spectrum Discover 2.0.3 – 2.0.4 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6452959
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189926
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189925
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189923
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189924
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196049
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189426
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188456
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188455
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188454
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/188453
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/186050
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/185301
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/185302
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/189404
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/182744
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/172732
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/171570
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/185780
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/184769
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192485

More stories

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM InfoSphere Master Data Management

Jun 22, 2021 8:01 pm EDT | High Severity

WebSphere Application Server traditional is vulnerable to an XML External Entity (XXE) Injection vulnerability ...read more


Security Bulletin: IBM Security Guardium is affected by Oracle MySQL vulnerabilities

Jun 22, 2021 8:01 pm EDT | High Severity

IBM Security Guardium has fixed this vulnerability ...read more


Security Bulletin: IBM Security Verify Password Synchronization Plug-in for Windows AD affected by multiple vulnerabilities (CVE-2021-20488, CVE-2021-20494, CVE-2021-20572, CVE-2021-20573, CVE-2021-20574)

Jun 22, 2021 8:01 pm EDT | High Severity

IBM has announced a release for IBM Security Verify Password Synchronization Plug-in for Windows AD to address several security vulnerabilities. The vulnerabilities concern denial of service and account take over. ...read more