Vulnerabilities fixed IBM Integration Bus and App Connect Enterprise

🗓️ 14 Sep 2022 00:00:00Reported by NCSCType

IBM fixed Node.js and OpenSSL vulnerabilities in Integration Bus and App Connect Enterprise to prevent XSS and remote code execution.

Reporter	Title	Published	Views	Family All 819
IBM Security Bulletins	Security Bulletin:IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl, pcre2 and Golang Go	31 Aug 202216:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	25 Oct 202214:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in node.js	8 Aug 202217:42	–	ibm
IBM Security Bulletins	Security Bulletin: Due to use of NodeJS, IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to multiple security vulnerabilities.	5 Sep 202311:07	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2022-1292 and CVE-2022-2068) or an attacker may obtain sensitive information (CVE-2022-2097) due to OpenSSL	19 Aug 202216:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Information Server	25 Jan 202316:00	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.	11 Apr 202311:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway potentially vulnerable to HTTP request smuggling	21 Nov 202221:55	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel, OpenSSL, Golang Go, and Zlib may affect IBM Spectrum Protect Plus	17 Sep 202206:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related Java SE and Node	22 Sep 202207:03	–	ibm

14 Sep 2022 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 25

CVSS 3.18.1

EPSS0.76906

SSVC