Security Bulletin: IBM Cognos Analytics is affected but not classified as vulnerable to multiple vulnerabilities

Summary IBM Cognos Analytics is affected but not classified as vulnerable to vulnerabilities, based on current information, in the following 3rd-party components: Stanford coreNLP, FasterXML jackson-databind, SnakeYAML, Dromera Hutool, jsoup, Node.js vm2 and Node.js http-cache-semantics. These...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 4.1 Vulnerability Details CVEID:CVE-2021-37219 DESCRIPTION: HashiCorp Consul and Consul Enterprise could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the Raft RPC layer...

Security Bulletin: A security vulnerability in Node.js vm2 affects IBM Cloud Pak for Multicloud Management Managed Services [CVE-2021-23555] and [CVE-2021-23449]

Summary A security vulnerability in Node.js vm2 affects IBM Cloud Pak for Multicloud Management Managed Services CVE-2021-23555 and CVE-2021-23449 has been addressed in IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 5. Vulnerability Details CVEID:CVE-2021-23555 DESCRIPTION: Node.js vm2 modu...