Security Bulletin: The vulnerability CVE-2022-21299 in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional

Summary The CVE-2022-21299 issue was disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs. This vulnerability is addressed in App connect professional v7.5.5.0, customer can migrate to this versio...

Security Bulletin: The CVE-2021-35561 vulnerability in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional.

Summary The CVE-2021-35561 vulnerability in the IBM SDK Java Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the...

Security Bulletin: Vulnerability in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary This vulnerability was disclosed as part of the IBM Java SDK updates in October 2021 , IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to...

Security Bulletin: App Connect Professional & IBM WebSphere Cast Iron Solution are affected by OpenSSL vulnerability

Summary App Connect Professional & IBM WebSphere Cast Iron Solution have addressed the following vulnerability reported in OpenSSL. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2021-27218 DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by an error when invoking gbytearraynewtake with a buffer of 4GB or more on a...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2021-35942 DESCRIPTION: GNU C Library aka glibc could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted,...

Security Bulletin: App Connect Professional & IBM WebSphere Cast Iron Solution are affected by axios vulnerability

Summary App Connect Professional & IBM WebSphere Cast Iron Solution have addressed the following vulnerability reported in axios. Vulnerability Details CVEID: CVE-2021-3749 DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, which are used by IBM WebSphere Cast Iron Solution & App Connect Professional . These issues were disclosed as part of the IBM Java SDK updates in Oct 2020 , IBM WebSphere Cast Iron Solution & App Connect Professional have addressed th...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, which are used by IBM Cast Iron Solution & App Connect Professional . These issues were disclosed as part of the IBM Java SDK updates in January 2021, IBM Cast Iron & App Connect Professional have addressed the...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities.

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details CVEID: CVE-2020-1938 DESCRIPTION: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by a file...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Apache Tomcat vulnerabilities.

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details CVEID: CVE-2019-12418 DESCRIPTION: Apache Tomcat could allow a local attacker to gain elevated privileges on the system, caused by a fla...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerability (CVE-2016-5388)

Summary There is a vulnerability CVE-2016-5388 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-5388 DESCRIPTION: Apache Tomcat could allow a remote attacker to redirect HTTP...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerability CVE-2015-5174

Summary There is a vulnerability CVE-2015-5174 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2015-5174 DESCRIPTION: Apache Tomcat could allow a remote attacker to traverse...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by an OpenSSL vulnerability (CVE-2017-3731)

Summary IBM WebSphere Cast Iron Solution has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read when using a specific cipher. By sending specially crafted truncated...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2016-8735, CVE-2016-6816)

Summary There are vulnerabilities CVE-2016-8735, CVE-2016-6816 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-8735 DESCRIPTION: Apache Tomcat could allow a remote attacker t...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2015-5345, CVE-2016-0706, CVE-2016-0714)

Summary There are multiple vulnerabilities CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, CVE-2016-0714 reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron has remediated the affected versions. Vulnerability Details CVEID: CVE-2015-5345 DESCRIPTION: Apache...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM WebSphere Cast Iron Solution (CVE-2015-1781)

Summary Open source GNU C library glibc vulnerability affects IBM WebSphere Cast Iron Solution. Vulnerability Details CVEID: CVE-2015-1781 DESCRIPTION: GNU C Library glibc is vulnerable to a buffer overflow, caused by improper bounds checking by the gethostbynamer and other related functions. By...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities

Summary There are vulnerabilities reported in Apache Tomcat v6 that is used by WebSphere Cast Iron Solution. WebSphere Cast Iron Solution has remediated the affected versions. Vulnerability Details CVEID: CVE-2016-0762 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities CVE-2019-10072

Summary IBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v8 Vulnerability Details CVEID: CVE-2019-10072 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by HTTP/2 connection window exhaustion on write. By failing to send...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2018-11784, CVE-2018-8034)

Summary IBM WebSphere Cast Iron Solution has addressed the following vulnerabilities reported in Apache Tomcat v7. Vulnerability Details CVEID: CVE-2018-11784 DESCRIPTION: Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the...