الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تنبيه IBM
3037
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
9 يونيو, 2022
● عالي
2022-4926
الكل
الوصف:
أصدرت IBM عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية، أبرزها:
- IBM Spectrum Scale
- 5.1.0 - 5.1.3.0
- IBM QRadar Data Synchronization App
- 1.0 – 3.0.0
- Rational Service Tester RST
- 9.1
- 9.2
- 9.5
- IBM Tivoli Monitoring
- 6.3.0 Fix Pack 7 Service Pack 5 (or later Service Pack)
- IBM CICS TX Advanced
- 10.1
- 11.1
- IBM Netezza Host Management
- 5.4.9.0 – 5.4.32.0
- 5.2.1.0 – 5.4.31.0
- IBM CICS TX Standard
- 11.1
- IBM PureData System for Operational Analytics
- 1.1
- IBM® SDK, Java™ Technology Edition
- 7.0.0.0 - 7.0.11.5
- 7.1.0.0 - 7.1.5.5
- 8.0.0.0 - 8.0.7.6
- IBM Robotic Process Automation
- 21.0.2
- IBM Robotic Process Automation for Cloud Pak
- 21.0.2
- IBM Robotic Process Automation as a Service
- 21.0.2
- SOAR App Host
- 1 – 1.9
- IBM® Security SOAR
- 32.0 – 44
- IBM Db2 Mirror for i
- 7.5
- 7.4
- IBM Sterling Connect:Direct Web Services
- 1.0
- 6.1.0
- 6.2.0
- 6.0
- Enterprise Content Management System Monitor
- 5.5
- IBM Watson Machine Learning Accelerator
- 2.2.0,2.2.1,2.2.2,2.2.3
- 2.3.0,2.3.1,2.3.2,2.3.3,2.3.4,2.3.5,2.3.6,2.3.7,2.3.8
- 1.2.1,1.2.2,1.2.3
- IBM Cloud Private
- 3.1.0
- 3.1.1
- 3.1.2
- 3.2.0
- CD3.2.1
- CD3.2.2
- IBM Security Guardium
- 11.0
- 11.1
- 11.2
- 11.3
- 11.4
- IBM® Db2®
- V9.7
- V10.1
- V10.5
- V11.1
- V11.5
- IBM Netcool Agile Service Manager
- 1.1
- IBM Spectrum Protect Plus
- 10.1.0.0 - 10.1.9.3
- IBM i
- 7.5
- 7.4
- 7.3
- 7.2
- IBM RackSwitch firmware
- G7028
- 7.6
- G8316
- 7.9
- G8052
- 7.11
- G8264
- 7.11
- G8332
- 7.7
- G8264T
- 7.9
- G8124/G8124E
- 7.11
- G8264CS_SI_Fabric_Image
- 7.8
- G8264CS
- 7.8
- G7028
- IBM Flex System switch firmware
- IBM Flex System EN2092 1Gb Ethernet Scalable Switch
- 7.8
- IBM Flex System Fabric SI4093 GbFSIM 10Gb Scalable Switch
- 7.8
- IBM Flex System Fabric EN4093/EN4093R 10Gb Scalable Switch
- 7.8
- IBM Flex System CN4093 10Gb Converged Scalable Switch
- 7.8
- IBM Flex System EN2092 1Gb Ethernet Scalable Switch
- IBM DataPower Gateway
- IBM DataPower Gateway V10CD
- 10.0.2.0-10.0.3.0
- IBM DataPower Gateway 10.0.1
- 10.0.1.0-10.0.1.4
- IBM DataPower Gateway
- 2018.4.1.0-2018.4.1.17
- IBM DataPower Gateway V10CD
- IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
- 4.0.0 – 4.0.8
- IBM Telco Network Cloud Manager – Performance (TNCP)
- TNC-P 1.4
- TNC-P 1.4.1
- TNC-P 1.3
- TNC-P 1.2
- IBM Edge Application Manger
- 4.3
- IBM Cognos Controller
- 10.4.2
- 10.4.1
- 10.4.0
- InfoSphere Information Server
- 11.7
- IBM MaaS360 VPN Module
- 2.106.100 وما قبله
- IBM MaaS360 Mobile Enterprise Gateway
- 2.106.200 وما قبله
- IBM MaaS360 Cloud Extender Agent
- 2.106.100.008 وما قبله
- IBM WIoTP MessageGateway
- 5.0.0.1
- IBM IoT MessageSight
- 5.0.0.0
- IBM Cloud Pak for Data System 1.0
- 1.0.0.0- 1.0.7.7
- IBM Security SiteProtector System
- 3.1.1
- R9.1
- R9.2
- R8.5
- ICP – IBM Match 360
- v4.0.7 وما قبله
- IBM QRadar SIEM
- v7.3 وما قبله
- IBM QRadar SIEM
- v7.4 وما قبله
- IBM QRadar SIEM
- v7.5 وما قبله
- IBM Cognos Command Center
- 10.2.4.1
- Spring Framework, OpenSSL and Apache HTTP Server
- R9.0x
- R9.1x
- R9.2x
التهديدات:
يمكن للمهاجم استغلال الثغرات من خلال تنفيذ التالي:
- الكشف والإفصاح عن معلومات حساسة
- تنفيذ برمجيات خبيثة
- هجمة حجب الخدمة (DoS)
- تجاوز سعة مخزن الذاكرة المؤقت
- رفع الصلاحيات لزيادة قدرته على التعديل في النظام
- حقن البرمجيات
- تجاوز القيود الأمنية
الاجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت IBM توضيحًا لهذه التحديثات، أبرزها:
- https://www.ibm.com/support/pages/node/6579139
- https://www.ibm.com/support/pages/node/6590981
- https://www.ibm.com/support/pages/node/6591001
- https://www.ibm.com/support/pages/node/6590977
- https://www.ibm.com/support/pages/node/6590933
- https://www.ibm.com/support/pages/node/6590947
- https://www.ibm.com/support/pages/node/6590935
- https://www.ibm.com/support/pages/node/6590993
- https://www.ibm.com/support/pages/node/6591179
- https://www.ibm.com/support/pages/node/6591237
- https://www.ibm.com/support/pages/node/6591155
- https://www.ibm.com/support/pages/node/6551988
- https://www.ibm.com/support/pages/node/6591189
- https://www.ibm.com/support/pages/node/6591173
- https://www.ibm.com/support/pages/node/6591113
- https://www.ibm.com/support/pages/node/6591291
- https://www.ibm.com/support/pages/node/6563575
- https://www.ibm.com/support/pages/node/6591297
- https://www.ibm.com/support/pages/node/6591203
- https://www.ibm.com/support/pages/node/6591505
- https://www.ibm.com/support/pages/node/6591519
- https://www.ibm.com/support/pages/node/6591511
- https://www.ibm.com/support/pages/node/6591509
- https://www.ibm.com/support/pages/node/6591437
- https://www.ibm.com/support/pages/node/6591499
- https://www.ibm.com/support/pages/node/6591351
- https://www.ibm.com/support/pages/node/6591361
- https://www.ibm.com/support/pages/node/6592169
- https://www.ibm.com/support/pages/node/6591309
- https://www.ibm.com/support/pages/node/6592573
- https://www.ibm.com/support/pages/node/6592807
- https://www.ibm.com/support/pages/node/6592587
- https://www.ibm.com/support/pages/node/6592581
- https://www.ibm.com/support/pages/node/6570741
- https://www.ibm.com/support/pages/node/6592267
- https://www.ibm.com/support/pages/node/6591347
- https://www.ibm.com/support/pages/node/6592779
- https://www.ibm.com/support/pages/node/6555376
- https://www.ibm.com/support/pages/node/6528672
- https://www.ibm.com/support/pages/node/6592963
- https://www.ibm.com/support/pages/node/6528678
قيم المحتوى
شارك الصفحة
