Hello
Per the information at this URL there are a number of vulnerabilities for different version of ILMT. https://www.ibm.com/support/pages/node/1126755?myns=swgother&mynp=OCSS8JFY&mync=E&cm_sp=swgother--OCSS8JFY--E
If one is running BFI is there a collation between the two?
Generally, yes, most of the ILMT CVEs refer to the underlying application server (WebSphere Liberty) or runtime (IBM Java Runtime) that are common to both ILMT and BigFix Inventory. Some of the version numbers between ILMT and BigFix Inventory do not directly align though.
For the BigFix Inventory listing of CVEs corrected in each version Iād refer to the Release Notes, which is updated for each version at https://help.hcltechsw.com/bigfix/10.0/inventory/Inventory/overview/Release_notes.html
Since the separation from IBM, ILMT Core libraries included in BFI are 1 version behind, as it needs to be certified by IBM prior to inclusion in BFI. The following link provides the certification status/ILMT version for each release.
https://help.hcltechsw.com/bigfix/10.0/inventory/Inventory/overview/c_updates_and_patches.html