Vulnerability Name: CVE-2020-9546 (CCN-177102) Assigned: 2017-12-22 Published: 2017-12-22 Updated: 2021-12-02 Summary: FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 7.1 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-502 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2020-9546 fasterxml-cve20209546-code-exec(177102) FasterXML jackson-databind https://github.com/FasterXML/jackson-databind/issues/2631 [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update On Jackson CVEs: Dont Panic Here is what you need to know https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://security.netapp.com/advisory/ntap-20200904-0006/ Multiple vulnerabilities in jackson-databind affect IBM Platform Symphony and IBM Spectrum Symphony Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator Vulnerabilities in FasterXML jackson-databind affect IBM Spectrum Protect Plus (CVE-2020-9548, CVE-2020-9546. CVE-2020-9547, CVE-2020-8840, CVE-2019-20330) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind IBM Data Risk Manager is affected by multiple vulnerabilities Multiple vulnerabilities affects IBM Jazz Foundation and IBM Engineering products. jackson-databind (Publicly disclosed vulnerability) found in Network Performance Insight IBM Security Guardium Insights is affected by Components with known vulnerabilities IBM Security Guardium is affected by a jackson-databind vulnerability Security vulnerabilities have been fixed in the IBM Security Access Manager and IBM Security Verify Access products IBM Cognos Business Intelligence has addressed multiple vulnerabilities (Q12021) Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis IBM Cognos Analytics has addressed multiple vulnerabilities IBM InfoSphere Information Server is affected by multiple vulnerabilities in Jackson databind Jackson-Databind Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies Vulnerability in jackson-databind affects IBM Process Mining (Multiple CVEs) IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities IBM Cognos Analytics has addressed multiple vulnerabilities z/Transaction Processing Facility is affected by multiple vulnerabilities in the jackson-databind, jackson-dataformat-xml, jackson-core, slf4j-ext, and cxf-core packages Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis Multiple CVEs affect IBM Integration Designer IBM Security Verify Governance is vulnerable to a denial of service caused by multiple vulnerabilities. Oracle Critical Patch Update Advisory - January 2021 https://www.oracle.com/security-alerts/cpujan2021.html Oracle Critical Patch Update Advisory - July 2020 https://www.oracle.com/security-alerts/cpujul2020.html Oracle Critical Patch Update Advisory - October 2020 https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021.html Vulnerable Configuration: Configuration 1 :cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.7.0 and < 2.7.9.7)OR cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.8.0 and < 2.8.11.6) OR cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.9.0 and < 2.9.10.4) Configuration 2 :cpe:/a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:* (Version >= 7.3OR cpe:/a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* (Version >= 7.3 OR cpe:/a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* (Version >= 9.5 Configuration 3 :cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:* Configuration 4 :cpe:/a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* OR cpe:/a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* OR cpe:/a:oracle:banking_platform:*:*:*:*:*:*:*:* (Version >= 2.4.0 and <= 2.9.0) OR cpe:/a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_contacts_server:8.0.0.4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_contacts_server:8.0.0.5.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* (Version >= 8.0.0 and <= 8.2.2) OR cpe:/a:oracle:communications_element_manager:*:*:*:*:*:*:*:* (Version >= 8.2.0 and <= 8.2.2) OR cpe:/a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:* (Version >= 12.0.0 and <= 12.0.3) OR cpe:/a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:* (Version >= 8.2.0 and <= 8.2.2) OR cpe:/a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:* (Version >= 8.2.0 and <= 8.2.2) OR cpe:/a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* (Version >= 8.0.6 and <= 8.1.0) OR cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_institutional_performance_analytics:8.7.0:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:* OR cpe:/a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:* OR cpe:/a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:* (Version < 12.2.0.1.20) OR cpe:/a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:* OR cpe:/a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* (Version < 9.2.4.2) OR cpe:/a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* (Version < 9.2.4.2) OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:*:*:*:*:*:*:*:* (Version >= 17.7 and <= 17.12) OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:* Configuration CCN 1 :cpe:/a:fasterxml:jackson-databind:2.9.10.3:*:*:*:*:*:*:* AND cpe:/a:ibm:cognos_business_intelligence:10.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:* OR cpe:/a:ibm:platform_symphony:7.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:platform_symphony:7.1.2:*:*:*:*:*:*:* OR cpe:/a:ibm:platform_symphony:7.2.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.1.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.1:*:*:*:*:*:*:* OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:platform_symphony:7.3:*:*:*:*:*:*:* OR cpe:/a:ibm:platform_symphony:7.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_protect_plus:10.1.5:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:watson_discovery:2.1.2:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.5.3:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.6.0:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.3:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.4:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.5:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.6:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:data_risk_manager:2.0.6.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_guardium_insights:2.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:log_analysis:1.3.6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_guardium:11.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_access_manager:9.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:* OR cpe:/a:ibm:integration_designer:20.0.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:* OR cpe:/a:ibm:cognos_analytics:11.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:* Oval Definitions BACK
fasterxml jackson-databind *
fasterxml jackson-databind *
fasterxml jackson-databind *
netapp active iq unified manager *
netapp active iq unified manager *
netapp active iq unified manager *
debian debian linux 8.0
oracle agile plm 9.3.6
oracle autovue for agile product lifecycle management 21.0.2
oracle banking digital experience 18.1
oracle banking digital experience 18.2
oracle banking digital experience 18.3
oracle banking digital experience 19.1
oracle banking digital experience 19.2
oracle banking digital experience 20.1
oracle banking platform *
oracle communications calendar server 8.0.0.4.0
oracle communications contacts server 8.0.0.4.0
oracle communications contacts server 8.0.0.5.0
oracle communications diameter signaling router *
oracle communications element manager *
oracle communications evolved communications application server 7.1
oracle communications instant messaging server 10.0.1.4.0
oracle communications network charging and control 6.0.1
oracle communications network charging and control *
oracle communications session report manager *
oracle communications session route manager *
oracle enterprise manager base platform 13.3.0.0
oracle enterprise manager base platform 13.4.0.0
oracle financial services analytical applications infrastructure *
oracle financial services institutional performance analytics 8.0.6
oracle financial services institutional performance analytics 8.0.7
oracle financial services institutional performance analytics 8.1.0
oracle financial services institutional performance analytics 8.7.0
oracle financial services price creation and discovery 8.0.6
oracle financial services price creation and discovery 8.0.7
oracle financial services retail customer analytics 8.0.6
oracle global lifecycle management opatch *
oracle insurance policy administration j2ee 11.0.2.25
oracle insurance policy administration j2ee 11.1.0.15
oracle jd edwards enterpriseone orchestrator *
oracle jd edwards enterpriseone tools *
oracle primavera unifier 16.1
oracle primavera unifier 16.2
oracle primavera unifier *
oracle primavera unifier 18.8
oracle primavera unifier 19.12
oracle retail merchandising system 15.0
oracle retail sales audit 14.1
oracle retail service backbone 14.1
oracle retail service backbone 15.0
oracle retail service backbone 16.0
oracle retail xstore point of service 15.0
oracle retail xstore point of service 16.0
oracle retail xstore point of service 17.0
oracle retail xstore point of service 18.0
oracle retail xstore point of service 19.0
oracle weblogic server 12.2.1.3.0
oracle weblogic server 12.2.1.4.0
fasterxml jackson-databind 2.9.10.3
ibm cognos business intelligence 10.2.2
ibm cognos analytics 11.0
ibm rational rhapsody design manager 6.0.2
oracle primavera unifier 16.1
oracle primavera unifier 16.2
oracle weblogic server 12.2.1.3.0
oracle retail xstore point of service 15.0
oracle retail xstore point of service 16.0
ibm infosphere information server 11.7
ibm spectrum protect plus 10.1.0
oracle primavera unifier 17.12
oracle retail service backbone 14.1
oracle retail service backbone 15.0
oracle retail service backbone 16.0
ibm platform symphony 7.1.1
ibm platform symphony 7.1.2
ibm platform symphony 7.2.0.2
oracle primavera unifier 18.8
ibm sterling b2b integrator 6.0.0.0
ibm sterling b2b integrator 5.2.0.0
oracle retail xstore point of service 17.0
oracle retail xstore point of service 18.0
oracle retail merchandising system 15.0
ibm sterling b2b integrator 6.0.1.0
ibm cognos analytics 11.1
ibm watson discovery 2.0.0
ibm platform symphony 7.3
ibm platform symphony 7.2.1
ibm spectrum protect plus 10.1.5
ibm data risk manager 2.0.1
ibm data risk manager 2.0.2
ibm data risk manager 2.0.3
ibm data risk manager 2.0.4
ibm data risk manager 2.0.5
ibm data risk manager 2.0.6
ibm sterling b2b integrator 6.0.3.1
ibm watson discovery 2.1.2
ibm log analysis 1.3.5.3
ibm log analysis 1.3.6.0
ibm log analysis 1.3.1
ibm log analysis 1.3.2
ibm log analysis 1.3.3
ibm log analysis 1.3.4
ibm log analysis 1.3.5
ibm log analysis 1.3.6
ibm data risk manager 2.0.6.1
ibm data risk manager 2.0.6.2
ibm security guardium insights 2.0.1
ibm log analysis 1.3.6.1
ibm security guardium 11.2
ibm security verify access 10.0.0
ibm security access manager 9.0.7
ibm sterling b2b integrator 6.1.0.0
ibm integration designer 20.0.0.2
ibm cognos analytics 11.2.0
ibm cognos analytics 11.1.7
ibm cognos analytics 11.2.1
ibm security verify governance 10.0
Denotes that component is vulnerable