Low Severity

Security Bulletin: Vulnerability in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services v2.1.1 (CVE-2020-2654)

Share this post:

There is a vulnerability in IBM® Runtime Environment Java™ Version 7 used by Financial Transaction Manager for Corporate Payment Services v2.1.1. Financial Transaction Manager for Corporate Payment Services (FTM CPS) v2.1.1 has addressed the applicable CVE.
If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether additional Java vulnerabilities are applicable to your code. For a complete list of vulnerabilities, refer to the “IBM Java SDK Security Bulletin”, located in the References section for more information.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Financial Transaction Manager for Corporate Payment Services for MP 2.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6220096

More stories

Security Bulletin: Vulnerabilities in Apache Commons and Log4j affect IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments

Nov 21, 2020 7:00 pm EST | Low Severity

Vulnerabilities in Apache Commons and Log4j, such as execution of arbitrary code on the system, man-in-the-middle attack, and information disclosure, could affect the IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments. ...read more


Security Bulletin: IBM Java Runtime Vulnerabilities affect the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Nov 21, 2020 7:00 pm EST | Low Severity

Vulnerabilities in IBM® Runtime Environment Java™ such as denial of service and ability to obtain sensitive information could affect the IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Envionments. These vulnerabilities were disclosed as part of the IBM Java SDK updates in April and July 2020. ...read more


Security Bulletin: IBM Spectrum Protect Server allows Triple DES (3DES) ciphers to be used (CVE-2018-1785)

Nov 20, 2020 7:00 pm EST | Low Severity

IBM Spectrum Protect Server allows Triple DES (3DES) ciphers to be used. This can result in the use of weaker than expected cryptographic algorithms. ...read more