Security Bulletin: Vulnerability in [All] Spring Framework - CVE-2021-22060 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator

2022-03-2302:33:36

www.ibm.com

0.001 Low

EPSS

Percentile

22.9%

JSON

Summary

Spring Framework is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability (CVE-2021-22060) by upgrading addressable to latest version.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Watson Machine Learning Accelerator	2.2.0;2.2.1;2.2.2; 2.3.0;2.3.1;2.3.2;2.3.3;2.3.4;2.3.5

Remediation/Fixes

Affected Product(s)	Version(s)	Remediation
IBM Watson Machine Learning Accelerator	2.2.0;2.2.1;2.2.2	To address the vulnerability upgrade to IBM Watson Machine Learning Accelerator 2.2.3: <https://www.ibm.com/docs/en/cloud-paks/cp-data/3.5.0?topic=accelerator-upgrading-watson-machine-learning>

IBM Watson Machine Learning Accelerator| 2.3.0; 2.3.1; 2.3.2; 2.3.3; 2.3.4; 2.3.5| To address the vulnerability upgrade to IBM Watson Machine Learning Accelerator 2.3.6: <https://www.ibm.com/docs/en/wmla/2.3?topic=installation-install-upgrade>

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm watson machine learning acceleratoreq2.2.
ibm watson machine learning acceleratoreq2.3.

CPE	Name	Operator	Version
	ibm watson machine learning accelerator	eq	2.2.
	ibm watson machine learning accelerator	eq	2.3.

0.001 Low

EPSS

Percentile

22.9%

JSON

Related for 9881226D0C430B3D1A6167EC18E2DA00B1048D439BAB0713E00099F02830547C