www.ibm.com
Open in
urlscan Pro
2a02:26f0:6c00:298::1e89
Public Scan
URL:
https://www.ibm.com/support/pages/node/6514811
Submission: On November 10 via api from US — Scanned from DE
Submission: On November 10 via api from US — Scanned from DE
Form analysis 3 forms found in the DOM
POST /support/pages/node/6514811
<form action="/support/pages/node/6514811" method="post" id="openid-connect-login-form" accept-charset="UTF-8">
<div><input data-drupal-selector="edit-openid-connect-client-generic-login" type="submit" id="edit-openid-connect-client-generic-login" name="generic" value="Log in with Generic" class="button js-form-submit form-submit">
</div><input autocomplete="off" data-drupal-selector="form-t051h-ph-jmpbqytodxgeggyxrwqz8k6ztztqqmr8c" type="hidden" name="form_build_id" value="form-t051h_-pH_JmPbqyTODXGEGGYxRWqZ8K6ZtztqQmr8c">
<input data-drupal-selector="edit-openid-connect-login-form" type="hidden" name="form_id" value="openid_connect_login_form">
</form><form class="ibm-row-form ibm-home-search" enctype="multipart/form-data" id="spng-search" ng-submit="omniType()">
<p class="ibm-padding-top-r1 ibm-padding-bottom-0"> <input id="spng-search-query" name="text" size="40" type="search" autocomplete="off" placeholder="Search support or find a product">
<a title="Search" aria-label="Search" href="#" tabindex="-1" id="spng-search-button" ng-click="omniButton()" class="ibm-search-link ibm-textcolor-white-core common-search-link"></a> </p>
<div id="spng-search-typeahead-wrapper" style="display:none" class="search-results-wrapper">
<div id="spng-search-typeahead" class="common-search-results">
<div id="spng-spinner" style="display:none">
<h2 class="ibm-h2"><span class="ibm-spinner"> </span></h2>
</div>
<div id="sp-no-results" style="display:none">
<div class="results">
<p>No results were found for your search query.</p>
<div class="ibm-rule">
<hr>
</div>
<h5 class="ibm-h5"><strong>Tips</strong></h5>
<p>To return expected results, you can:</p>
<ul>
<li><strong>Reduce the number of search terms.</strong> Each term you use focuses the search further.</li>
<li><strong>Check your spelling.</strong> A single misspelled or incorrectly typed term can change your result.</li>
<li><strong>Try substituting synonyms for your original terms.</strong> For example, instead of searching for "java classes", try "java training"</li>
<li><strong>Did you search for an IBM acquired or sold product ?</strong> If so, follow the appropriate link below to find the content you need.</li>
</ul>
</div>
</div>
<div id="sp-doc-failure" style="display:none">
<div class="category">Our apologies</div>
<div class="results">
<p>Search results are not available at this time. Please try again later or use one of the other support options on this page.</p>
</div>
</div>
<div id="sp-prev-products" class="result_section"></div>
<div id="sp-wd-results" class="result_section"></div>
<div id="sp-prod-results" class="result_section"></div>
<div id="sp-doc-results" class="result_section"></div>
</div>
</div>
</form>POST javascript:void(0)
<form method="post" id="frm" enctype="multipart/form-data" class="ibm-row-form ibm-home-search" action="javascript:void(0)" onsubmit="return false;">
<div id="ibm-tc-check" style="display: none;">
<p class="ibm-left ibm-alternate-background">
<input class="ibm-styled-checkbox" data-init="false" type="checkbox" id="ibm-tc-checkbox" name="tc-adv-checkbox" value="checked" aria-labelledby="tc-check-label">
<label for="ibm-tc-checkbox" id="tc-check-label">Check here to start a new keyword search.</label>
</p>
</div>
<p class="ibm-padding-top-r1 ibm-padding-bottom-0 ibm-alternate-background">
<label for="iptSearch" id="iptSearch-label" class="ibm-access">Watson Product Search</label>
<span>
<input type="text" placeholder="Search support or find a product" value="" name="search" id="iptSearch" class="ibm-h3-medium ibm-h4-small" aria-labelledby="iptSearch-label" maxlength="125">
<a onclick="javascript:void(0); return false;" class="ibm-search-link ibm-textcolor-white-core" id="iptSearchButton" href="#">Search</a>
</span>
</p>
<div style="display:none;" id="divWatsonContainer" class="wd_result_container wd_result_width">
<div style="display:none;" class="ps_ibm-content wd_result_width" id="divWatsonDialogue">
<div style="display:none;" id="divWatsonSpinner" class="ibm-spinner ibm-h2"></div>
<div style="display:none;" class="wd_content_div wd_ul" id="divWatsonContent"></div>
<hr>
<p class="wd_search_link"><a id="watsonNOTALink" href="javascript:void(0)" class="ibm-forward-link">None of the above, continue with my search</a></p>
</div>
</div>
</form>Text Content
Support My IBM Log in
IBM SUPPORT
No results were found for your search query.
--------------------------------------------------------------------------------
TIPS
To return expected results, you can:
* Reduce the number of search terms. Each term you use focuses the search
further.
* Check your spelling. A single misspelled or incorrectly typed term can change
your result.
* Try substituting synonyms for your original terms. For example, instead of
searching for "java classes", try "java training"
* Did you search for an IBM acquired or sold product ? If so, follow the
appropriate link below to find the content you need.
Our apologies
Search results are not available at this time. Please try again later or use one
of the other support options on this page.
Check here to start a new keyword search.
Watson Product Search Search
--------------------------------------------------------------------------------
None of the above, continue with my search
SECURITY BULLETIN: A SECURITY VULNERABILITY IN NODE.JS AXIOS MODULE AFFECTS IBM
CLOUD PAK FOR MULTICLOUD MANAGEMENT MANAGED SERVICES
SECURITY BULLETIN
SUMMARY
A security vulnerability in Node.js axios module affects IBM Cloud Pak for
Multicloud Management Managed Services.
VULNERABILITY DETAILS
CVEID: CVE-2021-3749
DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular
expression denial of service (ReDoS) flaw in the trim function. By sending a
specially-crafted regex input, a remote attacker could exploit this
vulnerability to cause an application to consume an excessive amount of CPU.
CVSS Base score: 7.5
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/208438 for the current
score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
AFFECTED PRODUCTS AND VERSIONS
Affected Product(s)Version(s)IBM Cloud Pak for Multicloud Management
Infrastructure ManagementAll
REMEDIATION/FIXES
Upgrade to IBM Cloud Pak for Multicloud Management 2.3.x Fix Pack 2 by following
the instructions at
https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=upgrade-upgrading-fix-pack-2.
WORKAROUNDS AND MITIGATIONS
None
GET NOTIFIED ABOUT FUTURE SECURITY BULLETINS
Subscribe to My Notifications to be notified of important product support alerts
like this.
REFERENCES
Complete CVSS v3 Guide
On-line Calculator v3
Off
RELATED INFORMATION
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
CHANGE HISTORY
08 Nov 2021: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately
impact the Overall CVSS Score. Customers can evaluate the impact of this
vulnerability in their environments by accessing the links in the Reference
section of this Security Bulletin.
DISCLAIMER
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY
ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
DOCUMENT LOCATION
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o
TPS"},"Product":{"code":"SSFC4F","label":"IBM Cloud Pak for Multicloud
Management"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"2.3.x","Edition":"","Line
of Business":{"code":"LOB45","label":"Automation"}}]
DOCUMENT INFORMATION
More support for:
IBM Cloud Pak for Multicloud Management
Software version:
2.3.x
Operating system(s):
Linux
Document number:
6514811
Modified date:
09 November 2021
UID
ibm16514811
Page Feedback
Close
CONTACT AND FEEDBACK
NEED SUPPORT?
* Submit feedback to IBM Support
* 1-800-IBM-7378 (USA)
* Directory of worldwide contacts
Top products & platforms Industries Artificial intelligence Blockchain Business
operations Cloud computing Data & Analytics Hybrid cloud IT infrastructure
Security Supply chain What is Hybrid Cloud? What is Artificial intelligence?
What is Cloud Computing? What is Kubernetes? What are Containers? What is
DevOps? What is Machine Learning? IBM Consulting Communities Developer education
Support - Download fixes, updates & drivers IBM Research Partner with us -
PartnerWorld Training - Courses Upcoming events & webinars Annual report Career
opportunities Corporate social responsibility Diversity & inclusion Investor
relations News & announcements Thought leadership Security, privacy & trust
About IBM LinkedIn Twitter Instagram Contact IBM Privacy Terms of use
Accessibility United States — English Contact and feedback