IT36510: VULNERABILITY IN IBM JAVA RUNTIME AFFECTS STERLING C:D FILE AGENT (CVE-2020-14782)

Direct links to fixes

1.4.0.5-SterlingConnectDirectFileAgent-iFix002-zOS
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-Windows
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-Unix
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-SolarisSPARC
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-LinuxPPC
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-Linux
1.4.0.5-SterlingConnectDirectFileAgent-iFix002-AIX
1.4.0.5-SterlingConnectDirectFileAgent-zOS
1.4.0.5-SterlingConnectDirectFileAgent-Windows
1.4.0.5-SterlingConnectDirectFileAgent-Unix
1.4.0.5-SterlingConnectDirectFileAgent-SolarisSPARC
1.4.0.5-SterlingConnectDirectFileAgent-LinuxPPC
1.4.0.5-SterlingConnectDirectFileAgent-Linux
1.4.0.5-SterlingConnectDirectFileAgent-AIX
1.4.0.4-SterlingConnectDirectFileAgent-Unix
1.4.0.4-SterlingConnectDirectFileAgent-zOS
1.4.0.4-SterlingConnectDirectFileAgent-Windows
1.4.0.4-SterlingConnectDirectFileAgent-SolarisSPARC
1.4.0.4-SterlingConnectDirectFileAgent-LinuxPPC
1.4.0.4-SterlingConnectDirectFileAgent-Linux
1.4.0.4-SterlingConnectDirectFileAgent-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-zOS
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-Unix
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-Linux
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-iFix017-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix014-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix014-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix014-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-iFix014-Linux
1.4.0.3-SterlingConnectDirectFileAgent-iFix014-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix012-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix012-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-iFix012-Linux
1.4.0.3-SterlingConnectDirectFileAgent-iFix012-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix011-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix011-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix008-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix008-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-zOS
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-Unix
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-Linux
1.4.0.3-SterlingConnectDirectFileAgent-iFix007-AIX
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-Windows
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-Unix
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-Linux
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-CDzOS
1.4.0.3-SterlingConnectDirectFileAgent-iFix004-AIX
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix046
1.4.0.3-SterlingConnectDirectFileAgent-Windows
1.4.0.3-SterlingConnectDirectFileAgent-Unix
1.4.0.3-SterlingConnectDirectFileAgent-SolarisSPARC
1.4.0.3-SterlingConnectDirectFileAgent-LinuxPPC
1.4.0.3-SterlingConnectDirectFileAgent-Linux
1.4.0.3-SterlingConnectDirectFileAgent-HP-UX-Itanium
1.4.0.3-SterlingConnectDirectFileAgent-CDzOS
1.4.0.3-SterlingConnectDirectFileAgent-AIX
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix045
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-SolarisSPARC-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-LinuxPPC-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-Linux-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-AIX-iFix043
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix037
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix037
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix036
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-SolarisSPARC-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-LinuxPPC-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-Linux-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-AIX-iFix035
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-SolarisSPARC-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-LinuxPPC-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-Linux-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-AIX-iFix030
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-SolarisSPARC-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-LinuxPPC-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-Linux-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-AIX-iFix021
1.4.0.2-SterlingConnectDirectFileAgent-Linux-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-Windows-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-Unix-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-SolarisSPARC-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-SolarisINTEL-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-LinuxPPC-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-HP-UX-Itanium-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-CDzOS-iFix011
1.4.0.2-SterlingConnectDirectFileAgent-AIX-iFix011

APAR status

Closed as program error.

Error description

There is a vulnerability in the IBM Runtime Environment Java
Technology Edition, Version 7 and 8 used by IBM Sterling
Connect:Direct File Agent (CVE-2020-14782).

Local fix

STRMFT-11631
VF / VF
Circumvention: None

Problem summary

Users Affected:
Sterling Connect:Direct File Agent 1.4.0 with bundled IBM
Runtime Environment

Problem Description:
There is a vulnerability in the IBM Runtime Environment Java
Technology Edition, Version 7 and 8 used by IBM Sterling
Connect:Direct File Agent. IBM Sterling Connect:Direct File
Agent has addressed the applicable CVE (CVE-2020-14782).

Platforms Affected:
All supported platforms

Problem conclusion

Resolution Summary:
Updated the bundled IBM Runtime Environment.

Delivered In:
Sterling Connect:Direct File Agent 1.4.0.1_iFix005 for AIX,
Linux, Solaris, Windows, z/OS
Sterling Connect:Direct File Agent 1.4.0.2_iFix011 for HP-UX
Itanium

Temporary fix

Comments

APAR Information

APAR number
IT36510
Reported component name
STR CD FILE AGE
Reported component ID
5725C9902
Reported release
140
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2021-04-09
Closed date
2021-08-09
Last modified date
2021-08-09

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
STR CD FILE AGE
Fixed component ID
5725C9902

Applicable component levels

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSHPZT","label":"Sterling Connect:Direct File Agent"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.4","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Document Information

Modified date:
18 December 2025

Share your feedback

Need support?