الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تنبيه IBM
2109
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
24 إبريل, 2022
● عالي
2022-4713
الكل
أصدرت IBM عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
- 4.0.0 – 4.0.6
- IBM Cloud Private
- 3.2.1 CD
- 3.2.2 CD
- IBM Sterling File Gateway
- 6.0.0.0 – 6.0.3.5, 6.1.0.0 – 6.1.0.4, 6.1.1.1
- IBM Watson Explorer Deep Analytics Edition Foundational Components
- 12.0.0.0
- 12.0.1
- 12.0.2.0 – 12.0.2.2
- 12.0.3.0 – 12.0.3.9
- IBM Watson Explorer Deep Analytics Edition Analytical Components
- 12.0.0.0
- 12.0.1
- 12.0.2.0 – 12.0.2.2
- 12.0.3.0 – 12.0.3.9
- IBM Watson Explorer Foundational Components
- 11.0.0.0 – 11.0.0.3
- 11.0.1
- 11.0.2.0 – 11.0.2.13
- IBM Watson Explorer Analytical Components
- 11.0.0.0 – 11.0.0.3
- 11.0.1
- 11.0.2.0 – 11.0.2.13
- IBM Planning Analytics Workspace 2.0
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack)
- تنفيذ برمجيات خبيثة عن بعد
- تجاوز سعة مخزن الذاكرة المؤقت
- الكشف عن المعلومات الحساسة
وصي المركز بتحديث النسخ المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-python-cve-2021-3733/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-33196/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-ibm-websphere-application-server-cve-2021-29842/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-mongodb-cve-2021-20329/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-34558/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-44532-cve-2021-44533-cve-2022-21824/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-openssl-cve-2021-3601/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-22959-cve-2021-22960/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22925/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-xrdp-package-for-alpine-linux-cve-2021-36158/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-openssl-cve-2021-3712/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterprise-certified-container-operands-may-be-vulnerable-to-loss-of-confidentiality-due-to-cve-2022-0536/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-kubernetes-cve-2021-25737/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-ibm-websphere-application-server-cve-2021-20492/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22924/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-jwt-go-vulnerability-affects-ibm-watson-speech-services-cartridge-for-ibm-cloud-pak-for-data-cve-2020-26160/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-33194/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2022-23772-cve-2022-23773-cve-2022-23806/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-33195/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sterling-file-gateway-is-affected-by-a-remote-code-execution-in-spring-framework-cve-2022-22965/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-kubernetes-cve-2021-25741/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-kubernetes-cve-2021-25742/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-java-multiple-cves/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-java-multiple-cves-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-41772cve-2021-41771/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-apache-commons-compress-cve-2021-35517-cve-2021-36090/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22898/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-golang-go-affects-ibm-watson-speech-services-cartridge-for-ibm-cloud-pak-for-data-cve-2021-29923/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-33197/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22946/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-zabbix-agent2-package-for-alpine-linux-cve-2022-22704/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-exists-for-spring-framework-in-watson-explorer-cve-2021-22060-cve-2022-22965-cve-2022-22950/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-37701/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-36221/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-37713/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-39135/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-23362-cve-2021-22918/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-exist-in-watson-explorer-for-ibm-websphere-application-server-liberty-cve-2021-39031/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22876/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-multiple-cves/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-39134/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-is-affected-by-security-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-31525/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22945/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-ibm-websphere-application-server-cve-2021-39031/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-44716-cve-2021-44717/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-golang-cve-2021-29923/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-node-js-cve-2021-22930/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-curl-cve-2021-22947/
قيم المحتوى
شارك الصفحة
