High Severity

Security Bulletin: Vulnerability in bind (CVE-2020-8616 and CVE-2020-8617).

Sep 19, 2020 8:00 pm EDT

Share this post:

BIND is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
HMC V9.1.910.0	V9.1.910.0 and later

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6335055

High Severity

Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony

Mar 5, 2021 7:00 pm EST | High Severity

Vulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central. ...read more

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 5, 2021 7:00 pm EST | High Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more

Security Bulletin: Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass (CVE-2020-7692)

Mar 4, 2021 7:00 pm EST | High Severity

Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass, caused by no PKCE support implemented. ...read more

High Severity

Security Bulletin: Vulnerability in bind (CVE-2020-8616 and CVE-2020-8617).

Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony

Mar 5, 2021 7:00 pm EST | High Severity

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 5, 2021 7:00 pm EST | High Severity

Security Bulletin: Google-api-client as used by IBM QRadar SIEM is vulnerable to authorization bypass (CVE-2020-7692)

Mar 4, 2021 7:00 pm EST | High Severity