SymmetricalDataSecurity: Security Bulletin: IBM Cloud Pak for Integration Operators affected by multiple vulnerabilities

Friday, October 2, 2020

Oct 2, 2020 8:00 pm EDT

Share this post:

Operators for BM Cloud Pak for Integration (CP4I) version 2020.2 are affected by vulnerabilities in Go prior to Go version 1.14.7.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
Asset Repository in IBM Cloud Pak for Integration (CP4I)	Operator 1.0.0
Asset Repository in IBM Cloud Pak for Integration (CP4I)	Operator 1.0.1
Platform Navigator in IBM Cloud Pak for Integration (CP4I)	Operator 4.0.0
Platform Navigator in IBM Cloud Pak for Integration (CP4I)	Operator 4.0.1
IBM Cloud Pak for Integration (CP4I)	Operator 1.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6340643

from IBM Product Security Incident Response Team https://ift.tt/34jSEP5

SymmetricalDataSecurity