IBM Support

License Metric Tool: Security enhancements

Flashes (Alerts)


Abstract

The following security enhancements and mitigations were introduced in the recent releases of License Metric Tool and HCL BigFix Platform.



Content

Go to IBM License Metric Tool enhancements and mitigations list.

Go to HCL BigFix Platform enhancements and mitigations list.

IBM License Metric Tool

License Metric Tool application update Enhancement details Addressed CVEs
9.2.34

 
Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9

Security vulnerabilities have been identified in bzip2 shipped with IBM License Metric Tool v9

CVE-2019-12900

Security vulnerabilities have been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9

CVE-2023-46158

Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9

9.2.33 Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9
Security vulnerability has been identified in IBM License Metric Tool v9 CVE-2023-43044
A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 and could allow cross-site scripting CVE-2023-28362
9.2.32 Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9 CVE-2023-27868
CVE-2023-27867
CVE-2023-27869
CVE-2023-30447
CVE-2023-30446
CVE-2023-30443
CVE-2023-30448
CVE-2023-30445
CVE-2023-30449
CVE-2023-29256
CVE-2023-23487
CVE-2023-30431

Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9

9.2.31 Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9
9.2.30 A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 CVE-2022-34165
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9
9.2.29 No new vulnerabilities were reported. 
9.2.28 A vulnerability in zlib affects IBM Common Inventory Technology CVE-2018-25032
9.2.27 A vulnerability in Java affects IBM License Metric Tool v9 CVE-2021-35550
A vulnerability in Java affects IBM License Metric Tool v9 CVE-2021-35603
A vulnerability in Java affects IBM License Metric Tool v9
9.2.26 Security vulnerability has been identified in Apache Log4j library shipped with IBM License Metric Tool v9 CVE-2021-44228
Security vulnerabilities in Apache Commons Compress affects IBM License Metric Tool v9
9.2.25 Security vulnerability have been identified in IBM DB2 shipped with IBM License Metric Tool v9 CVE-2021-29752
Security vulnerability have been identified in IBM DB2 shipped with IBM License Metric Tool v9 CVE-2021-29763
Security vulnerability have been identified in IBM DB2 shipped with IBM License Metric Tool v9 CVE-2021-29825
Security vulnerabilities have been identified in BigFix Platform shipped with IBM License Metric Tool
Security vulnerability have been identified in IBM DB2 shipped with IBM License Metric Tool v9 CVE-2021-29702
Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9
9.2.24 A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2021-22885) CVE-2021-22885
Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9
9.2.23 A vulnerability in IBM Java SDK affects IBM License Metric Tool v9 (CVE-2020-14782) CVE-2020-14782
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9
9.2.22 A vulnerability in JavaScript affects IBM License Metric Tool v9 (CVE-2020-8203) CVE-2020-8203
9.2.21 A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2020-8166) CVE-2020-8166
A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2020-8164) CVE-2020-8164
Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9
9.2.20 A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 CVE-2020-4329
A security vulnerabilities has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9
Vulnerabilities in jQuery affect IBM License Metric Tool v9
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9
9.2.19 Multiple vulnerabilities in Bouncy Castle API affect IBM License Metric Tool v9
A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 CVE-2019-16782
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9
A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 CVE-2019-4720
A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 CVE-2019-16779
Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9
9.2.18 Security vulnerabilities have been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9.
Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9.
Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS8JFY","label":"IBM License Metric Tool"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"}}]

Document Information

Modified date:
30 January 2024

UID

ibm11126755