Medium Severity

Security Bulletin: Vulnerability in IBM Java Runtime affects Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2019-2989)

Share this post:

There is a vulnerability in IBM® Runtime Environment Java™ Version 8 and Version 7 used by Watson Explorer and Watson Explorer Content Analytics Studio. Watson Explorer and Watson Explorer Content Analytics Studio have addressed the applicable CVE.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Watson Explorer Deep Analytics Edition Foundational Components
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 – 12.0.2.2,
12.0.3, 12.0.3.1
IBM Watson Explorer Deep Analytics Edition Analytical Components
12.0.0.0,
12.0.1,
12.0.2.0 – 12.0.2.2,
12.0.3, 12.0.3.1
IBM Watson Explorer Deep Analytics Edition oneWEX
12.0.0.0,
12.0.1,
12.0.2.0 – 12.0.2.2,
12.0.3, 12.0.3.1
IBM Watson Explorer Foundational Components 11.0.0.0 – 11.0.0.3,
11.0.1,
11.0.2.0 – 11.0.2.5
IBM Watson Explorer Foundational Components 10.0.0.0 – 10.0.0.6
IBM Watson Explorer Foundational Components Annotation Administration Console

12.0.0.0, 12.0.1,12.0.2.0 – 12.0.2.2, 12.0.3, 12.0.3.1

IBM Watson Explorer Foundational Components Annotation Administration Console 11.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.1 – 
11.0.2.5
IBM Watson Explorer Foundational Components Annotation Administration Console 10.0 – 10.0.0.6
Watson Explorer Analytical Components 11.0 – 11.0.0.3,
11.0.1,
11.0.2, 11.0.2.1 – 
11.0.2.5
Watson Explorer Analytical Components 10.0 – 10.0.0.2
IBM Watson Explorer Content Analytics Studio 12.0.0, 12.0.1, 12.0.2, 12.0.3
IBM Watson Explorer Content Analytics Studio 11.0.0.0 – 11.0.0.3,
11.0.1.0 – 11.0.2.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/2440023

More stories

Security Bulletin: CVE-2019-2989 vulnerabilitiy in IBM Java Runtime affects IBM Integration Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Apr 1, 2020 8:00 pm EDT | Medium Severity

A vulnerabilitiy exists in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM Integration Designer. IBM Integration Designer has addressed the applicable CVE. ...read more


Security Bulletin: IBM Process Federation Server REST API is subject to DoS attacks

Apr 1, 2020 8:00 pm EDT | Medium Severity

IBM Process Federation Server Global Teams REST API does not properly shut down the thread pools that it creates, leading to OutOfMemory exceptions, and could be targeted by DoS attacks. ...read more


Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data returning decrypted credentials

Mar 31, 2020 8:01 pm EDT | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data returns decrypted credentials for data soruces in JSON response of internal API for processing settings. ...read more