Security Bulletin: IBM SPSS Analytic Server is vulnerable to HTTP header injection(CVE-2022-34165)

Summary IBM SPSS Analytic Server uses IBM WebSphere Application Server Liberty which is vulnerabile to a HTTP header injection vulnerability. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and...

Security Bulletin: An HTTP header injection vulnerability in IBM WebSphere Application Server Liberty (CCVE-2022-34165) affects IBM TXSeries for Multiplatforms

Summary An HTTP header injection vulnerability exists in IBM WebSphere Application Server Liberty used by IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the vulnerability CCVE-2022-34165. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Robotic Process Automation and allow HTTP Header Injections (CVE-2022-34165)

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Robotic Process Automation as part of OCR, Antivirus, and User Management Services which may allow HTTP header injection. This bulletin identifies the security fixes to apply to address this vulnerability...

Security Bulletin: IBM Security Verify Governance is vulnerable to multiple vulnerabilities due to use of IBM WebSphere Application Server Liberty (CVE-2022-34165, CVE-2022-24839)

Summary IBM Security Verify Governance uses IBM WebSphere Application Server Liberty which is vulnerable to HTTP header injection and denial of service CVE-2022-34165, CVE-2022-24839. The fix includes upgrading IBM WebSphere Application Server Liberty with the security patch. Vulnerability Detail...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2022-38712)

Summary IBM WebSphere Application Server used by IBM Tivoli System Automation Application Manager is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests. Required fixes for affected WebSphere Application Server has been published in the security bulletin. Vulnerability...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2022-34336)

Summary IBM WebSphere Application Server is used by IBM Tivoli System Automation Application Manager and is vulnerable to cross-site scripting in the Admin Console. Required fixes for affected WebSphere Application Server has been published in the security bulletin links below. Vulnerability...

Security Bulletin: Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-34165, CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619

Summary Vulnerabilities in Java and IBM WebSphere Application Server Liberty affects IBM Cloud Application Business Insights - CVE-2022-34165, CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619 Vulnerability Details CVEID:CVE-2022-21628 DESCRIPTION: Java SE is vulnerable to a denial o...

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to HTTP header injection (CVE-2022-34165) in FileNet Content Manager containers

Summary IBM WebSphere Application Server is vulnerable to HTTP header injection when processing web requests. This has been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|---...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application and IBM HTTP Server included as part of IBM Tivoli Monitoring ITM portal server: CVE-2022-34336 CVE-2022-22477 CVE-2022-22473 CVE-2022-34165. The IBM Tivoli Monitoring include IBM HTTP Server is also affected...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Summary The following security issues have been identified in the WebSphere Application Server and IHS server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2019-4670 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a...

Security Bulletin: Vulnerablity in Apache Log4j may affect IBM Tivoli Monitoring installed WebSphere Application Server (CVE-2021-44228)

Summary The following security issue has been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Note that log4j 2.x is not actually used by ITM but is present as part of the Tivoli Portal Server component installation as it prereqs and...

Security Bulletin: Vulnerablity in Apache Log4j may affect IBM Tivoli Monitoring (CVE-2021-4104)

Summary The following security issue has been identified in components related to IBM Tivoli Monitoring ITM portal server and client. Vulnerability Details CVEID:CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2022-22365, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556. It also includes Java 8...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-29736 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-20454 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML Extern...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2020-4782 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker ...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-20353 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Summary The following security issues have been identified in the WebSphere Application Server and IHS server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2020-4578 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable t...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring Installed WebSphere Application Server including Log4j

Summary The following security issues has been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect fr...

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2021-23450, CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-25315, CVE-2022-25313, CVE-2022-25235, CVE-2022-25236,...