الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تم ارسال تقييمك بنجاح.
تحديثات IBM
1801
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
1 سبتمبر, 2020
● عالي
2020-1706
الكل
الوصف:
أصدرت IBM عدّة تحديثات لمعالجة عددًا من الثغرات في المنتجات التالية:
- Resilient OnPrem
- IBM Security SOAR
- ISIM
- 6.0.0
- IBM Spectrum Protect Plus
- 10.1.0-10.1.6
- IBM Security Guardium Insights
- 2.0.1
- IBM Cloud Manager
- 4.3
- IBM Operations Analytics Predictive Insights
- 1.3.6
- IBM Transformation Extender
- 9.0
- 8.4.1
- 10.0
- IBM Content Collector for SAP Applications
- 4.0
- ISIM VA
- 7.0.1
- 7.0.2
- Content Collector for Email
- 4.0.1
- Content Collector for Microsoft SharePoint
- 4.0.1
- Content Collector for File Systems
- 4.0.1
- Content Collector for IBM Connections
- 4.0.1
- IBM Virtualization Engine
- IBM Netezza Host Management
- 5.4.9.0 – 5.4.28.0
- ISPIM
- 2.1.1
- 2.0.2
- 2.1.0
- IBM Application Gateway
- 1.0
- IBM HTTP Server
- 9.0
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- حجب الخدمة (DoS) .
- ترقية ورفع الصلاحيات.
- الحصول على معلومات حساسة.
- تنفيذ برمجيات خبيثة عن بعد.
الإجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletinibm-resilient-soar-is-using-components-with-known-vulnerabilities-dom4j-cve-2020-10683/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-fixed-in-ibm-security-identity-manager-cve-2019-4677/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-application-server-liberty-affect-ibm-spectrum-protect-plus/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-fixed-in-ibm-security-identity-manager-cve-2020-4538/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-is-using-components-with-known-vulnerabilities-activemq-camel-5-15-9-jar-cve-2015-5182-cve-2015-5183-cve-2015-5184-cve-2020-1941/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-is-using-components-with-known-vulnerabilities-okhttp-3-x-cve-2018-20200/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-is-using-components-with-known-vulnerabilities-apache-tomcat-7-099-cve-2020-13935/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-insights-is-affected-by-components-with-known-vulnerabilities-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-use-of-a-broken-or-risky-cryptographic-algorithm-in-resilient-app-host-cve-2020-4637/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-insights-is-affected-by-components-with-known-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-cloud-manager-with-openstack/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-databind-affect-ibm-operations-analytics-predictive-insights/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-sdk-affect-ibm-cloud-manager-with-openstack-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-apr-2020-includes-cve-cve-2020-2781/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-apr-2020-includes-oracle-apr-2020-cpu-minus-cve-2020-2773-affect-content-collecor-for-sap-applications-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-identity-manager-virtual-appliance-is-affected-by-multiple-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-java-vulnerabilities-affect-ibm-spectrum-protect-plus-cve-2020-2805-cve-2020-2803-cve-2020-2830-cve-2020-2781-cve-2020-2800-cve-2020-2757-cve-2020-2756-cve-2020-275-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jackson-databind-affect-ibm-operations-analytics-predictive-insights-cve-2019-14060-cve-2019-14661-cve-2019-14662/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2654-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-sdk-affects-ibm-virtualization-engine-ts7700-april-2020/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2654-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-kernel-affects-ibm-netezza-host-management-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-privileged-identity-manager-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-rsyslog-affect-ibm-spectrum-protect-plus-cve-2019-17041-cve-2019-17042-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-fixed-in-ibm-application-gateway/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-databind-affect-ibm-operations-analytics-predictive-insights-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jackson-databind-excludes-most-polymorphic-typing-gadget-attacks-affect-ibm-operations-analytics-predictive-insights-cve-2019-14060-cve-2019-14661-cve-2019/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-privileged-identity-manager-is-affected-by-security-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-cloud-manager-with-openstack-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-jackson-vulnerabilities-affect-ibm-operations-analytics-predictive-insights-cve-2019-14060-cve-2019-14661-cve-2019-14662/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2654-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-the-ibm-http-server-used-by-websphere-application-server-is-fixed-in-9-0-0-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-gnu-gettext-affects-ibm-spectrum-protect-plus-cve-2018-18751-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-databind-affect-ibm-operations-analytics-predictive-insights-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-websphere-application-serverliberty-profile-affects-ibm-operations-analytics-predictive-insights-cve-2020-4329/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-is-using-components-with-known-vulnerabilities-apache-thrift-cve-2019-0205/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bash-affects-ibm-spectrum-protect-plus-cve-2019-9924-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-in-apache-struts-affect-ibm-sterling-file-gateway-cve-2019-0233-cve-2019-0230/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-affect-ibm-operations-analytics-predictive-insights-cve-2019-14060-cve-2019-14661-cve-2019-14662/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-2654-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-java-sdk-technology-edition-oct-2019-affects-ibm-security-identity-manager-virtual-appliance/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-databind-affect-ibm-operations-analytics-predictive-insights-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-faster-xml-jackson-databind-affects-ibm-operations-analytics-predictive-insights/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-sdk-affect-ibm-cloud-manager-with-openstack-cve-2019-2949/
آخر تحديث في 1 سبتمبر, 2020
قيم المحتوى
شارك الصفحة
