Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Service Registry and Repository due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in January 2022. These issues are also addressed by IBM WebSphere Application Server shipped with...

Security Bulletin: A vulnerability in IBM® SDK, Java™ may affect IBM Decision Optimization Center (CVE-2021-35603)

Summary There is a vulnerability in IBM® Java™ versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component...

Security Bulletin: A vulnerability in IBM® SDK, Java™ may affect IBM Decision Optimization Center (CVE-2021-35550)

Summary There is a vulnerability in IBM® Java™ versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component...

Security Bulletin: Multiple vulnerabilities in IBM® Java™ Runtime may affect IBM Decision Optimization Center (CVE-2022-21360, CVE-2022-21365)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by IBM Decision Optimization Center. IBM Decision Optimization Center has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java S...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and IBM® Runtime Environment Java™ Version 7 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SDK and Runtim...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of t...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Nov 2021 CPU (CVE-2021-41035, CVE-2021-35578, CVE-2021-35586, CVE-2021-35564, CVE-2021-35561, CVE-2021-35565, CVE-2021-35567)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 used by 4.1.0.0 to 4.1.0.3 and Version 8 used by 4.1.0.4 to 4.1.0.7 of IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in Nov 2021. Vulnerabili...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Nov 2021 CPU (CVE-2021-41035, CVE-2021-35578, CVE-2021-35586, CVE-2021-35564, CVE-2021-35561, CVE-2021-35565, CVE-2021-35567)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Nov 2021. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security QRadar SOAR ( CVE-2021-35560, CVE-2021-35578, CVE-2021-35564, CVE-2021-35565, CVE-2021-35588)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by IBM Security QRadar SOAR. IBM has addressed the applicable CVEs CVE-2021-35560, CVE-2021-35578, CVE-2021-35564, CVE-2021-35565, CVE-2021-35588...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM Application Server Liberty due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere...

Vulnerabilities fixed in IBM AIX kernel and Java SDK

Vulnerabilities have been fixed in IBM AIX versions 7.1-7.3. The vulnerabilities in the kernel with attributes CVE-2021-38994 and CVE-2021-38995 allow a malicious person to perform perform denial-of-service DoS attacks from a user with low privileges. This is caused by user input that is...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 used by AIX. AIX has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment component could allow an...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Wed Feb 23 08:12:23 CST 2022 |Updated: Thu Jun 23 13:28:33 CDT 2022 |Update: Corrected the affected fileset levels. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javafeb2022advisory.asc...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2989, CVE-2020-2593 and CVE-2019-4732 )

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for October 2019 and January 2020. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-3139, CVE-2018-3180)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for October 2018. Vulnerability Details CVEID: CVE-2018-313...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1656, CVE-2018-12539)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for July 2018. Vulnerability Details CVEID: CVE-2018-1656...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2684, CVE-2019-4473, CVE-2019-11771)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for April 2019 and July 2019. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-2426, CVE-2018-12547, CVE-2018-1890)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped and used by IBM Spectrum Control formerly Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates for January 2019. Vulnerability Details CVEID: CVE-2019-242...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Spectrum Control and Tivoli Storage Productivity Center October 2015 CPU and January 2016 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ Technology Edition that is shipped and used by IBM Spectrum Control and Tivoli Storage Productivity Center. These issues were disclosed as part of the IBM Java SDK updates in October...