High Severity

Security Bulletin: Vulnerability in jackson-databind affect IBM Spectrum Symphony

Share this post:

Vulnerability exist in the Jackson databind, core, and annotations version used by IBM Spectrum Symphony V7.3.1, V7.3, V7.2.1, and V7.2.0.2. Interim fixes that provide instructions on upgrading the Jackson databind, core, and annotations package to version 2.12.1 (which resolves the vulnerability) are available on IBM Fix Central.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Symphony 7.3.1
IBM Spectrum Symphony 7.3
IBM Spectrum Symphony 7.2.1
IBM Spectrum Symphony 7.2.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6423757

More stories

Security Bulletin: WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2021-20454)

Apr 20, 2021 8:00 pm EDT | High Severity

WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed. ...read more


Security Bulletin: Update available for OpenSSL vulnerabilities affecting IBM Watson Speech Services 1.2.1

Apr 20, 2021 8:00 pm EDT | High Severity

There is an update available for OpenSSL vulnerabilities affecting IBM Watson Speech Services 1.2.1. ...read more


Security Bulletin: WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2021-20453)

Apr 19, 2021 8:01 pm EDT | High Severity

WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed. ...read more