IBM Support

Security Bulletin: The IBM® SDK Java Technology Edition, October 2021 CPU affect IBM Common Licensing (CVE-2021-35560, CVE-2021-35586, CVE-2021-35578, CVE-2021-35564, CVE-2021-35559, CVE-2021-35556, CVE-2021-35565, CVE-2021-35588, CVE-2021-41035)

Security Bulletin


Summary

There are multiple security vulnerabilities that are addressed in the IBM® SDK Java Technology Edition, October 2021 CPU, found in the IBM® Runtime Environment Java™ used by IBM License Key Server Administration and Reporting Tool and its Agent.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
ART 8.1.6.5
ART9.0
Agent8.1.6.5
Agent9.0

Remediation/Fixes

Obtain the latest Java JRE CPU update for the IBM Java SDK using the following information.

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

24 Feb 2022: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTMW6","label":"Rational License Key Server"},"Component":"ICL ART 9.0 , ICL Agent 9.0","Platform":[{"code":"PF033","label":"Windows"},{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"ICL 9.0","Edition":"ICL 9.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
30 May 2022

Initial Publish date:
24 February 2022

UID

ibm16590825