الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تحديثات IBM
2785
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
13 سبتمبر, 2020
● متوسط
2020-1762
الكل
الوصف:
أصدرت IBM عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:
- IBM Operations Analytics Predictive Insights
- Liberty for Java
- 3.47
- IBM Db2
- V11.1
- V11.5
- HOD
- V12
- V13
- V14
- IBM Cloud Pak System
- v2.3.0.1
- v2.3.1.1
- v.2.3.2.0
- IBM Kenexa LCMS Premier on premise
- 14.0 وما قبل
- LMS 6.1 وما قبل
- IBM Cloud Pak System
- 2.3.0.1
- 2.3.1.1
- 2.3.2.0
- OS Image for RedHat Enterprise
- v3.0.14
- v3.0.15
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- حجب الخدمة (DoS).
- هجمة البرمجة عبر المواقع (Cross-site scripting (XSS)).
- الحصول على معلومات حساسة.
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-may-affect-ibm-sdk-java-technology-edition-used-in-liberty-for-java-for-ibm-cloud-cve-2020-2601/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-sdk-and-ibm-java-runtime-related-to-the-kerberos-component-affect-ibm-db2-cve-2019-2949/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-on-aix-and-linux-affected-by-a-vulnerability-in-ibm-spectrum-scale-cve-2020-4412/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability-affects-liberty-for-java-for-ibm-cloud/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-on-aix-and-linux-affected-by-a-vulnerability-in-ibm-spectrum-scale-cve-2020-4411/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-may-affect-ibm-sdk-java-technology-edition-used-in-liberty-for-java-for-ibm-cloud-cve-2020-2590/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-host-on-demand-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-addressed-in-ibm-cloud-pak-system-april-2020-updates/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lcms-premier-on-premise-all-jquery-publicly-disclosed-vulnerability-cve-2020-11023-cve-2020-11022/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-side-channel-in-intel-cpus-affect-ibm-cloud-pak-system-cve-2019-11135/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lcms-premier-on-premise-all-jquery-publicly-disclosed-vulnerability-cveid-180875/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-kenexa-lms-on-premise-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-plus-one-additional-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-library-affects-os-pattern-kit-used-in-ibm-cloud-pak-system/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-libcurl-affects-the-os-image-for-redhat-enterprise-linux-for-ibm-cloud-pak-system-cve-2019-5436/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-avtivemq-affects-ibm-operations-analytics-predictive-insights-cve-2020-1941/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-system-is-affected-by-a-vulnerability-in-vmware-component/
قيم المحتوى
شارك الصفحة
