Zowe Process Information: Newly implemented Coordinated Vulnerability Disclosure

Jakub Balhar

Dear zowe user,

We want to inform you that we have recently implemented a new coordinated vulnerability disclosure process which requires us to communicate vulnerabilities that may affect your system. As a result, we are disclosing a finding.

The finding is a vulnerability that affects Zowe API Mediation Layer in versions 1.16 to 1.19. Further details of the vulnerability are in the attached PDF document.

The recommendation is to upgrade to version 1.28.2 or use version 2.x of the Zowe.

We understand how important it is for you to keep your systems secure and protected, and we are committed to helping you do so. If you have any questions or concerns, please don’t hesitate to contact us via:

Thank you for your understanding and continued support,
Zowe Technical Steering Committee

Jakub Balhar
R&D Product Marketing Engineer 5  |  Mainframe Software Division (MSD)
Broadcom Software

CA CZ | V Parku 2316/12 Chodov | Praha 4, 011 148 00
jakub.balhar@...   |   broadcom.com

This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.