There is a vulnerability in the JetBrains Kotlin open source library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed.
CVEID:CVE-2022-24329
**DESCRIPTION:**JetBrains Kotlin could provide weaker than expected security, caused by failing to lock dependencies for Multiplatform Gradle Projects. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/220617 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM OpenPages for IBM Cloud Pak for Data | 4.0.x |
IBM strongly recommends addressing the vulnerability now by upgrading.
If you are using IBM OpenPages for IBM Cloud Pak for Data 8.203.x and 8.204.x you will need to upgrade to
1. IBM Cloud Pak for Data Version 4.5or later** **
2. IBM OpenPages for IBM Cloud Pak for Data 8.300.0or later** **
Upgrade installation instructions are provided at the URL listed below:
https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=openpages-upgrading
None