الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تحديثات IBM
2859
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
16 يوليو, 2020
● متوسط
2020-1512
الكل
الوصف:
أصدرت IBM عدّة تحديثات لمعالجة عددًا من الثغرات في المنتجات التالية:
- System x3250 M5 5458
- JUE1
- System x3100 M5 5457
- J9E1
- IBM Tivoli System Automation for Multiplatforms
- 4.1
- FlashSystem 900 MTM: 9840-AE2 and 9843-AE2
- 1.5.2.6
- 1.6.1.1
- FlashSystem 840 MTM: 9840-AE1 and 9483-AE1
- 1.5.2.6
- FlashSystem V9000 storage enclosure MTM: 9846-AE3 and 9848-AE3
- 1.5.2.6
- 1.6.1.1
- IBM Tivoli System Automation Application Manager
- 4.1
- eDiscovery Analyzer
- 2.2.2
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- حجب الخدمة (DoS).
- الحصول على معلومات حساسة.
الإجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-apr-2020-cpu-cve-2020-2805-cve-2020-2803-cve-2020-2757-cve-2020-2756/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-java-affect-the-ibm-flashsystem-900-cve-2019-2989-and-cve-2019-2964-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-apr-2020-cpu/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-has-released-a-unified-extensible-firmware-interface-uefi-fix-in-response-to-an-intel-escalation-of-information-disclosure-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-xml-external-entity-injection-xxe-vulnerability-affects-ibm-secure-proxy-cve-2020-4462/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-runtime-vulnerability-affects-ibm-sterling-external-authentication-server-cve-2020-2781/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-runtime-vulnerability-affects-ibm-secure-proxy-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-session-cookie-is-missing-secure-attribute-and-affects-ibm-publishing-engine/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-runtime-vulnerability-affects-ibm-sterling-secure-proxy-cve-2020-2781/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerabilities-from-kernel-affect-ibm-netezza-host-management-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-jan-2020-cpu-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulnerability-affects-ibm-jazz-foundation-and-ibm-engineering-products/
- https://www.ibm.com/blogs/psirt/security-bulletin-http-header-weakness-affects-ibm-secure-external-authentication-server/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-runtime-vulnerability-affects-ibm-secure-external-authentication-server-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-jan-2020-cpu-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-missing-cookie-attribute-vulnerability-affects-ibm-secure-proxy/
- https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-and-vulnerable-library-jquery-v1-11-1-affects-ibm-engineering-workflow-management/
- https://www.ibm.com/blogs/psirt/security-bulletin-xml-external-entity-injection-xxe-vulnerability-affects-ibm-secure-external-authentication-server-cve-2020-4462/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-oct-2019-cpu-cve-2019-2949/
قيم المحتوى
شارك الصفحة
