High Severity

Security Bulletin: Vulnerability in OpenSSL affects IBM Watson Explorer (CVE-2022-0778)

June 21, 2022

Share this post:

OpenSSL is used by IBM Watson Explorer OneWEX and Foundational Components. IBM Watson Explorer has addressed the applicable CVE (CVE-2022-0778).

CVE(s): CVE-2022-0778

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Watson Explorer Deep Analytics Edition oneWEX Components	12.0.0.0, 12.0.0.1 12.0.1, 12.0.2.0 – 12.0.2.2, 12.0.3.0 – 12.0.3.10
IBM Watson Explorer DAE Foundational Components	12.0.0, 12.0.1, 12.0.2.0 – 12.0.2.2, 12.0.3.0 – 12.0.3.10
IBM Watson Explorer Foundational Components	11.0.0.0 – 11.0.0.3, 11.0.1, 11.0.2.0 – 11.0.2.14

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6591059
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/221911

High Severity

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface has multiple vulnerabilities due to IBM Java

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

June 27, 2022 | High Severity

IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, Java SE and various other libraries. ...read more

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Common Licensing's License Key Server (LKS) Administration And Reporting Tool (ART) and its Agent(CVE-2021-4104,CVE-2021-44832,CVE-2021-3100,CVE-2022-33915).

June 27, 2022 | High Severity

There is a high risk Remote Attack Vulnerability in Apache Log4j (CVE-2021-4104,CVE-2021-44832,CVE-2021-3100,CVE-2022-33915) which is used by IBM LKS Administration And Reporting Tool and its Agent. A fix is available to address the vulnerability. ...read more

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

June 27, 2022 | High Severity

lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. ...read more

High Severity

Security Bulletin: Vulnerability in OpenSSL affects IBM Watson Explorer (CVE-2022-0778)

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface has multiple vulnerabilities due to IBM Java

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

June 27, 2022 | High Severity

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects IBM Common Licensing's License Key Server (LKS) Administration And Reporting Tool (ART) and its Agent(CVE-2021-4104,CVE-2021-44832,CVE-2021-3100,CVE-2022-33915).

June 27, 2022 | High Severity

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

June 27, 2022 | High Severity