High Severity

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Share this post:

A vulnerability in Apache Tomcat affects the product’s management GUI, potentially allowing an attacker to cause a denial of service. The Command Line Interface is unaffected.

CVE(s): CVE-2021-42340

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
SAN Volume Controller and Storwize Family 8.4

Versions 8.3.1 and earlier are not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6541270
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211354

More stories

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200)

June 23, 2022 | High Severity

IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin (CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200). ...read more

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

June 23, 2022 | High Severity

IBM Security Guardium has addressed the following vulnerabilities. ...read more