www.ibm.com
Open in
urlscan Pro
2a02:26f0:6c00:2bb::1e89
Public Scan
URL:
https://www.ibm.com/support/pages/node/6523410
Submission: On December 05 via api from US — Scanned from DE
Submission: On December 05 via api from US — Scanned from DE
Form analysis 3 forms found in the DOM
POST /support/pages/node/6523410
<form action="/support/pages/node/6523410" method="post" id="openid-connect-login-form" accept-charset="UTF-8">
<div><input data-drupal-selector="edit-openid-connect-client-generic-login" type="submit" id="edit-openid-connect-client-generic-login" name="generic" value="Log in with Generic" class="button js-form-submit form-submit">
</div><input autocomplete="off" data-drupal-selector="form-y5biosdw1yvkhmifu-nihgzoqnmsb5-mpvaacw5bmaw" type="hidden" name="form_build_id" value="form-y5BIosdw1YVkhMiFu-NIhgzOQnMSB5_MPVAaCW5bMAw">
<input data-drupal-selector="edit-openid-connect-login-form" type="hidden" name="form_id" value="openid_connect_login_form">
</form><form class="ibm-row-form ibm-home-search" enctype="multipart/form-data" id="spng-search" ng-submit="omniType()">
<p class="ibm-padding-top-r1 ibm-padding-bottom-0"> <input id="spng-search-query" name="text" size="40" type="search" autocomplete="off" placeholder="Search support or find a product">
<a title="Search" aria-label="Search" href="#" tabindex="-1" id="spng-search-button" ng-click="omniButton()" class="ibm-search-link ibm-textcolor-white-core common-search-link"></a> </p>
<div id="spng-search-typeahead-wrapper" style="display:none" class="search-results-wrapper">
<div id="spng-search-typeahead" class="common-search-results">
<div id="spng-spinner" style="display:none">
<h2 class="ibm-h2"><span class="ibm-spinner"> </span></h2>
</div>
<div id="sp-no-results" style="display:none">
<div class="results">
<p>No results were found for your search query.</p>
<div class="ibm-rule">
<hr>
</div>
<h5 class="ibm-h5"><strong>Tips</strong></h5>
<p>To return expected results, you can:</p>
<ul>
<li><strong>Reduce the number of search terms.</strong> Each term you use focuses the search further.</li>
<li><strong>Check your spelling.</strong> A single misspelled or incorrectly typed term can change your result.</li>
<li><strong>Try substituting synonyms for your original terms.</strong> For example, instead of searching for "java classes", try "java training"</li>
<li><strong>Did you search for an IBM acquired or sold product ?</strong> If so, follow the appropriate link below to find the content you need.</li>
</ul>
</div>
</div>
<div id="sp-doc-failure" style="display:none">
<div class="category">Our apologies</div>
<div class="results">
<p>Search results are not available at this time. Please try again later or use one of the other support options on this page.</p>
</div>
</div>
<div id="sp-prev-products" class="result_section"></div>
<div id="sp-wd-results" class="result_section"></div>
<div id="sp-prod-results" class="result_section"></div>
<div id="sp-doc-results" class="result_section"></div>
</div>
</div>
</form>POST javascript:void(0)
<form method="post" id="frm" enctype="multipart/form-data" class="ibm-row-form ibm-home-search" action="javascript:void(0)" onsubmit="return false;">
<div id="ibm-tc-check" style="display: none;">
<p class="ibm-left ibm-alternate-background">
<input class="ibm-styled-checkbox" data-init="false" type="checkbox" id="ibm-tc-checkbox" name="tc-adv-checkbox" value="checked" aria-labelledby="tc-check-label">
<label for="ibm-tc-checkbox" id="tc-check-label">Check here to start a new keyword search.</label>
</p>
</div>
<p class="ibm-padding-top-r1 ibm-padding-bottom-0 ibm-alternate-background">
<label for="iptSearch" id="iptSearch-label" class="ibm-access">Watson Product Search</label>
<span>
<input type="text" placeholder="Search support or find a product" value="" name="search" id="iptSearch" class="ibm-h3-medium ibm-h4-small" aria-labelledby="iptSearch-label" maxlength="125">
<a onclick="javascript:void(0); return false;" class="ibm-search-link ibm-textcolor-white-core" id="iptSearchButton" href="#">Search</a>
</span>
</p>
<div style="display:none;" id="divWatsonContainer" class="wd_result_container wd_result_width">
<div style="display:none;" class="ps_ibm-content wd_result_width" id="divWatsonDialogue">
<div style="display:none;" id="divWatsonSpinner" class="ibm-spinner ibm-h2"></div>
<div style="display:none;" class="wd_content_div wd_ul" id="divWatsonContent"></div>
<hr>
<p class="wd_search_link"><a id="watsonNOTALink" href="javascript:void(0)" class="ibm-forward-link">None of the above, continue with my search</a></p>
</div>
</div>
</form>Text Content
Support My IBM Log in
IBM SUPPORT
No results were found for your search query.
--------------------------------------------------------------------------------
TIPS
To return expected results, you can:
* Reduce the number of search terms. Each term you use focuses the search
further.
* Check your spelling. A single misspelled or incorrectly typed term can change
your result.
* Try substituting synonyms for your original terms. For example, instead of
searching for "java classes", try "java training"
* Did you search for an IBM acquired or sold product ? If so, follow the
appropriate link below to find the content you need.
Our apologies
Search results are not available at this time. Please try again later or use one
of the other support options on this page.
Check here to start a new keyword search.
Watson Product Search Search
--------------------------------------------------------------------------------
None of the above, continue with my search
SECURITY BULLETIN: A SECURITY VULNERABILITY IN NODE.JS JSONPOINTER MODULE
AFFECTS IBM CLOUD AUTOMATION MANAGER
SECURITY BULLETIN
SUMMARY
A security vulnerability in Node.js jsonpointer module affects IBM Cloud
Automation Manager.
VULNERABILITY DETAILS
CVEID: CVE-2021-23807
DESCRIPTION: Node.js jsonpointer module could allow a remote attacker to
execute arbitrary code on the system, caused by a prototype pollution flaw in
the pointer components. By adding or modifying properties of Object.prototype
using a __proto__ or constructor payload, an attacker could exploit this
vulnerability to execute arbitrary code or cause a denial of service condition
on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/212826 for the current
score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
AFFECTED PRODUCTS AND VERSIONS
Affected Product(s)Version(s)IBM Cloud Automation Manager4.2.0.1
REMEDIATION/FIXES
Download IBM Cloud Automation Manager 4.2.0.1 iFix 5 from
https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600858&includeSupersedes=0
Follow the instructions in Readme link
in https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600858&includeSupersedes=0
to install the iFix 5 to your IBM Cloud Automation Manager 4.2.0.1.
WORKAROUNDS AND MITIGATIONS
None
GET NOTIFIED ABOUT FUTURE SECURITY BULLETINS
Subscribe to My Notifications to be notified of important product support alerts
like this.
REFERENCES
Complete CVSS v3 Guide
On-line Calculator v3
Off
RELATED INFORMATION
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
CHANGE HISTORY
01 Dec 2021: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately
impact the Overall CVSS Score. Customers can evaluate the impact of this
vulnerability in their environments by accessing the links in the Reference
section of this Security Bulletin.
DISCLAIMER
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY
ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
DOCUMENT LOCATION
Worldwide
[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data
Platform"},"Product":{"code":"SS2L37","label":"IBM Cloud Automation
Manager"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"4.2.0.1","Edition":""}]
DOCUMENT INFORMATION
More support for:
IBM Cloud Automation Manager
Software version:
4.2.0.1
Operating system(s):
Linux
Document number:
6523410
Modified date:
03 December 2021
UID
ibm16523410
Page Feedback
Close
CONTACT AND FEEDBACK
NEED SUPPORT?
* Submit feedback to IBM Support
* 1-800-IBM-7378 (USA)
* Directory of worldwide contacts
Top products & platforms Industries Artificial intelligence Blockchain Business
operations Cloud computing Data & Analytics Hybrid cloud IT infrastructure
Security Supply chain What is Hybrid Cloud? What is Artificial intelligence?
What is Cloud Computing? What is Kubernetes? What are Containers? What is
DevOps? What is Machine Learning? IBM Consulting Communities Developer education
Support - Download fixes, updates & drivers IBM Research Partner with us -
PartnerWorld Training - Courses Upcoming events & webinars Annual report Career
opportunities Corporate social responsibility Diversity & inclusion Investor
relations News & announcements Thought leadership Security, privacy & trust
About IBM LinkedIn Twitter Instagram Contact IBM Privacy Terms of use
Accessibility United States — English Contact and feedback