Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights

Summary

Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. The following vulnerabilities, [CVE-2022-2154 1, CVE-2022-21540, CVE-2021-2163] allowing unauthorized access to critical data and CVE-2021-41041 allowing malicious remote attacker to bypass security restrictions, have been addressed.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Remediation/Fixes

IBM strongly suggests applying 1.3.6 Interim Fix 6 from Fix Central:
https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analytics±+Predictive+Insights&release=1.3.6

Workarounds and Mitigations

None