IBM تحديثات
1679تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
20 مايو, 2021
● عالي
2021-2938
الكل
الوصف:
أصدرت IBM عدة تحديثات لمعالجة عدد من الثغرات في عدد من منتجاتها، ومن أبرزها:
- IBM Cloud Pak for Multicloud Management Infrastructure Management
- All
- IBM Cloud Automation Manager
- 4.2.0.1
- IBM Elastic Storage System
- 6.0.0 – 6.0.2.0
- IBM SQL Extensions Toolkit for NPS
- 11.2.0.0
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack)
- الكشف والإفصاح عن معلومات حساسة
- تنفيذ أوامر خبيثة
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتIBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-braces-and-netmask-module-affects-ibm-cloud-automation-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-pcre-affects-ibm-sql-extensions-toolkit-for-nps/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-pug-pug-code-gen-module-affects-ibm-cloud-automation-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-identity-manager-virtual-appliance/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-affected-by-a-vulnerability-within-libcurl-cve-2020-8284/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-netmask-module-affects-ibm-cloud-automation-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-spectrum-scale-transparent-cloud-tiering-is-affected-by-a-vulnerability-in-ibm-runtime-environment-java/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-braces-and-netmask-module-affects-ibm-cloud-pak-for-multicloud-management-managed-service/
- https://www.ibm.com/blogs/psirt/security-bulletin-there-are-multiple-vulnerabilities-in-the-linux-kernel-used-in-ibm-elastic-storage-system-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-lodash-module-affects-ibm-cloud-pak-for-multicloud-management-managed-service-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-multiple-issues-with-the-ibm-runtime-environment-java-technology-edition-shipped-with-ibm-mq-cve-2020-14781-cve-2020-14782/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-pug-and-pug-code-gen-module-affects-ibm-cloud-pak-for-multicloud-management-managed-service/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-gnu-binutils-affect-ibm-netezza-analytics-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-elastic-storage-system-systems-are-affected-by-vulnerabilities-in-openssl/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-braces-and-netmask-module-affects-ibm-cloud-automation-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-pcre-affects-ibm-sql-extensions-toolkit-for-nps/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-node-js-pug-pug-code-gen-module-affects-ibm-cloud-automation-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-affects-ibm-developer-for-z-systems-2/