الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تنبيه IBM
3159
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
16 يونيو, 2022
● متوسط
2022-4958
الكل
الوصف:
أصدرت IBM عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية، أبرزها:
- Operations Dashboard
- 2020.4.1
- 2021.1.1
- 2021.2.1
- 2021.3.1
- 2021.4.1
- QRadar Advisor With Watson
- QRadar Advisor With Watson 2.5 – QRadar Advisor With Watson 2.6.2
- IBM HTTP Server
- 9.0
- 8.5
- 8.0
- 7.0
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- تنفيذ برمجيات خبيثة
- هجمة حجب الخدمة (DoS attack)
الاجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات،أبرزها:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-financial-transaction-manager-for-digital-payments-for-multi-platform-is-vulnerable-to-sql-injection-cve-2019-4575/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-java-se-affect-ibm-cics-tx-advanced/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35550-in-java-se-affects-ibm-cics-tx-advanced/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35603-in-java-se-affects-ibm-cics-tx-advanced/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35550-in-java-se-affects-ibm-cics-tx-standard/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35603-in-java-se-affects-ibm-txseries-for-multiplatforms/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-39028-in-websphere-application-server-liberty-affects-ibm-cics-tx-standard/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35550-in-java-se-affects-ibm-txseries-for-multiplatforms/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilites-cve-2018-25031-and-cve-2021-46708-in-websphere-application-server-liberty-affect-ibm-cics-tx-advanced/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i-is-vulnerable-to-denial-of-service-and-cache-poisoning-attacks-due-to-flaws-in-isc-bind-cve-2022-0396-cve-2021-25220/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-z-transaction-processing-facility-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-java-se-affect-ibm-cics-tx-standard/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-cve-2021-35603-in-java-se-affects-ibm-cics-tx-standard/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilites-cve-2018-25031-and-cve-2021-46708-in-websphere-application-server-liberty-affect-ibm-cics-tx-standard/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-java-se-affect-ibm-txseries-for-multiplatforms/
- https://www.ibm.com/blogs/psirt/security-bulletin-operations-dashboard-is-vulnerable-to-denial-of-service-by-go-vulnerability-cve-2022-28327/
- https://www.ibm.com/blogs/psirt/security-bulletin-pip-as-used-by-ibm-qradar-advisor-with-watson-is-vulnerable-to-multiple-vulnerabilities-cve-2019-20916-cve-2021-3572-cve-2018-20225/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-http-server-used-by-ibm-websphere-application-server-2/
قيم المحتوى
شارك الصفحة
