Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...

Security Bulletin: A security vulnerability has been identified in OpenSSL in IBM® AIX® shipped with IBM PureData System for Operational Analytics ( CVE-2022-1292)

Summary IBM® AIX® is shipped as a component of IBM PureData System for Operational Analytics. Information about the security vulnerability in OpenSSL affecting IBM AIX has been published in a security bulletin CVE-2022-1292. Vulnerability Details CVEID:CVE-2022-1292 DESCRIPTION: OpenSSL could all...

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU -April 2022 to January 2023 affects AIX LPARs in IBM PureData System for Operational Analytics

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used in IBM PureData System for Operational Analytics AIX based LPARs. These issues were disclosed as part of the IBM Java SDK updates in April 2022 to January 2023. These issues were disclosed as pa...

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2022-43927,CVE-2022-43929)

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2022-43927,CVE-2022-43929. Vulnerability Details CVEID:CVE-2022-43929 DESCRIPTION: IBM Db2 for...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used in IBM PureData System for Operational Analytics AIX based LPARs. These issues were disclosed as part of the IBM Java SDK updates between January 2019 and July 2022...

Security Bulletin: Vulnerabilities in Eclipse OpenJ9 affects AIX LPARs in IBM PureData System for Operational Analytics (CVE-2021-41041)

Summary There are one or more vulnerabilities in Eclipse OpenJ9 that is used in IBM PureData System for Operational Analytics AIX based LPARs CVE-2021-41041. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, cause...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314,...

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200)

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2020-4230,CVE-2020-4135,CVE-2020-4204,CVE-2020-4200. Vulnerability Details CVEID: CVE-2020-4135...

Security Bulletin: IBM® PureData System for Operational Analytics is vulnerable to arbitrary code execution, remote code execution and denial of service due to Apache Log4j (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Summary IBM PureData System for Operational Analytics appliance contains a hardware component called Hardware Management Console HMC, MTM: 9042-CR8. This component contains log4j 2.1 at a level lower than 2.17.1 and is vulnerable to arbitrary code execution, remote code execution and denial of...

Security Bulletin: A security vulnerability has been identified in IBM® General Parallel File System shipped with IBM PureData System for Operational Analytics (CVE-2015-1890)

Summary IBM General Parallel File System is shipped as a component of IBM PureData System for Operational Analytics. Information about a security vulnerability affecting IBM General Parallel File System has been published in a security bulletin. Vulnerability Details CVEID: CVE-2015-1890...

Security Bulletin: IBM PureData System for Operational Analytics V1.0 (A1791) is affected by vulnerabilities in GSKit (CVE-2015-0138, CVE-2015-0159 and CVE-2014-6221)

Summary The IBM PureData System for Operational Analytics V1.0 A1791 ships with IBM DB2 10.1. GSKit is an IBM component that is used by IBM DB2. The GSKit that is shipped with IBM DB2 contains multiple security vulnerabilities including the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL...

Security Bulletin: IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in SSLv3 and OpenSSL

Summary The IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in SSLv3 and OpenSSL. Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Multiple products could allow a remote attacker to obtain sensitive information, caused by a design error when using the...

Security Bulletin: TLS padding vulnerability affects IBM PureData System for Operational Analytics (CVE-2014-8730)

Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects IBM PureData System for Operational Analytics. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to obtain...

Security Bulletin: IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in OpenSSL

Summary The IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2014-3511 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the negotiation of TLS 1.0 instead of higher...

Security Bulletin: A security vulnerability has been identified in IBM® GPFS shipped with IBM PureData System for Operational Analytics (CVE-2015-4974, CVE-2015-4981)

Summary IBM GPFS is shipped as a component of IBM PureData System for Operational Analytics. Information about a security vulnerability affecting IBM GPFS has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: IBM Spectrum Scale an...

Security Bulletin: Vulnerabilities in Bash affect IBM PureData System for Operational Analytics (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by the IBM PureData System for Operational Analytics. Vulnerability Detai...

Security Bulletin: IBM PureData for Operational Analytics A1791 is affected by the following OpenSSL vulnerabilities: CVE-2014-0076, CVE-2014-0195, CVE-2014-0224, CVE-2014-0221 and CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0076 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by an implementation error in ECDSA...