Security Bulletin: IBM Sterling Control Center v6.2.1 and v6.3.1 is vulnerable with IBM Semeru Runtime Quarterly CPU - Apr 2023

Summary IBM Semeru Runtime Quarterly CPU - Apr 2023 - Includes OpenJDK April 2023 CPU plus CVE-2023-25193 and CVE-2023-2597 and affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle Graal...

Oracle Siebel Server (April 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: UI Framework. Supported versions that are affected are 23.3 and prior. Easily...

Oracle Siebel Server <= 21.10 (April 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Open UI CKEditor. Supported versions that are affected are 21.10 and prio...

Security Bulletin: The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime

Summary The IBM SPSS Collaboration and Deployment Services using IBM SDK, Java Technology Edition Quarterly CPU - Apr 2023 - Includes Oracle April 2023 CPU is vulnerable to CVE-2023-2597. These vulnerabilities are addressed. Vulnerability Details Refer to the security bulletins listed in the...

Oracle Java SE Multiple Vulnerabilities (April 2023 CPU)

CVE-2023-21930 CVSS 3.1 Base Score 7.4 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2023-21937 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2023-21938 CVSS 3.1 Base Score 3.7 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins mentioned below. Vulnerability Details Refer to the security bulletins listed in the...

Oracle MySQL Server 8.0.x < 8.0.34 (April 2023 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Compiling curl. Supported versions that are affected are 5.7.43 and prior...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager - Oracle April 2023 CPU (CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2023. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - April 2023 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - April 2023 - Includes Oracle April 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to April 2023 CPU

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in April 2023. These issues are also addressed by WebSphere Application Server shipped with WebSphere...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

Oracle Business Intelligence Enterprise Edition (Apr 2023 CPU)

The versions of Oracle Business Intelligence Enterprise Edition OBIEE installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity...

Oracle Business Intelligence Publisher 6.4.0.0.0 < 6.4.0.0.230404 (OAS) (April 2023 CPU)

The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Security. The supported version that is...

Oracle Business Intelligence Publisher 12.2.1.4.0 < 12.2.1.4.230407 (April 2023 CPU)

The versions of Oracle Business Intelligence Publiosher installed on the remote host is affected by a vulnerability as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are...

Oracle Enterprise Manager Ops Center (Apr 2023 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by a DoS vulnerability in XStream component as referenced in the April 2023 CPU advisory. XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to...

Oracle WebCenter Sites (Apr 2023 CPU)

The 12.2.1.4.0 version of WebCenter Sites installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: Samples Apache CXF. The supported version that ...

Oracle MySQL Server 5.7.x < 5.7.42 (Apr 2023 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.41 and...

Oracle NoSQL Database Multiple Vulnerabilities (Apr 2023 CPU)

The version of Oracle NoSQL Database Enterprise running on the remote host is prior to 21.2.63. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in Oracle NoSQL Database component: Administration jackson-databind. Easily...

Oracle Java SE Multiple Vulnerabilities (April 2023 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory: - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE...