Low Severity

Security Bulletin: Vulnerability CVE-2021-39023 in IBM Guardium Data Encryption (GDE)

Share this post:

Vulnerability identified in IBM Guardium Data Encryption (GDE). Please apply the latest version for the fixes.

CVE(s): CVE-2021-39023

Affected product(s) and affected version(s):

Product Name   Component Name Affected Version 
IBM Guardium Data Encryption (GDE) Guardium Cloud Key Manager (GCKM) 1.10.1
IBM Guardium Data Encryption (GDE) CipherTrust Tokenization Server (CT-VL) 2.6.4.21
IBM Guardium Data Encryption (GDE) CipherTrust Manager ( CM) 2.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6582473
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/213860

More stories

Security Bulletin: Information Disclosure in IBM Spectrum Protect Operations Center (CVE-2022-22494)

June 29, 2022 | Low Severity

IBM Spectrum Protect Operations Center may disclosure database information in error messages sent to the user which could be used in future attacks. ...read more


Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to denial of service due to zlib (CVE-2018-25032)

June 29, 2022 | Low Severity

There is a vulnerability in the zlib library used by IBM Sterling Connect:Direct for UNIX. IBM Sterling Connect:Direct for UNIX has addressed the applicable issue. ...read more


Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to unauthorized sensitive information access due to IBM Java (CVE-2021-35603)

June 29, 2022 | Low Severity

IBM Java is used by IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms in product configuration, management, and data transmission. IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms is impacted by an unauthorized sensitive information access issue in IBM Java (CVE-2021-35603). IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms has upgraded IBM Java to version 8.0.7.10 to address the issue. ...read more