Security Bulletin: Vulnerability in Apache Log4j may affect Cúram Social Program Management (CVE-2020-9488)

Nov 25, 2021 7:01 pm EST | Low Severity

IBM Cúram Social Program Management uses the Apache Log4j libraries, for which there is a publicly known vulnerability. For this vulnerability, Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. ...read more

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Installation Manager and IBM Packaging Utility

Nov 24, 2021 7:00 pm EST | Low Severity

There is a vulnerability in IBM Runtime Environment Java Version 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVE. ...read more

Security Bulletin: Application error in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38980)

Nov 22, 2021 7:00 pm EST | Low Severity

Application error in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38980). ...read more

Security Bulletin: Missing cookie secure attribute in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38977)

Nov 12, 2021 7:48 pm EST | Low Severity

Missing cookie secure attribute in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38977). ...read more

Security Bulletin: Hazardous input validation in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38973)

Nov 12, 2021 7:47 pm EST | Low Severity

Hazardous input validation in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38973). ...read more

Security Bulletin: Inadequate encryption strength in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38984)

Nov 12, 2021 7:46 pm EST | Low Severity

Inadequate encryption strength in IBM Security Guardium Key Lifecycle Manager (CVE-2021-38984). ...read more

Security Bulletin: Hazardous input validation in IBM Security Guardium Key Lifecycle Manager 4.1.1 (CVE-2021-38973)

Nov 11, 2021 7:00 pm EST | Low Severity

Hazardous input validation in IBM Security Guardium Key Lifecycle Manager 4.1.1 (CVE-2021-38973). ...read more

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Services

Nov 9, 2021 7:01 pm EST | Low Severity

A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Services. ...read more

Security Bulletin: A vulnerability in IBM Java SDK (July 2021) affects IBM InfoSphere Information Server (CVE-2021-2432)

Nov 8, 2021 7:01 pm EST | Low Severity

There is a vulnerability in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. This issue was disclosed as part of the IBM Java SDK updates in July 2021. ...read more