تحديثات IBM
1751تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
9 سبتمبر, 2021
● متوسط
2021-3485
الكل
الوصف:
أصدرت IBM عدة تحديثات لمعالجة عدد من الثغرات في عدة منتجات، من أبرزها:
- IBM Security Guardium
- 11.1
- 11.2
- 11.3
- IBM Secure Proxy
- 6.0.1
- 6.0.2
- NX-OS
- 9.X
- IBM Workload Automation
- 9.4
- 9.5
- BM® Java SDK affect Liberty for Java for IBM Cloud
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- تنفيذ برمجيات خبيثة
- تجاوز مخزن الذاكرة المؤقت
- هجمة حجب الخدمة (DoS attack)
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتIBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-22/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-23/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-identity-manager-deprecated-self-service-ui-contains-struts-v1-cve-2016-1182-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-24/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilitiy-has-been-fixed-in-ibm-security-identity-manager-93519/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoint-and-content-collector-for-25/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-14781/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-fixed-in-ibm-security-identity-manager-cve-2021-29687-cve-2021-29688-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-14782/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-has-been-fixed-in-ibm-security-identity-manager-virtual-appliance-cve-2018-15494/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-integration-bus-and-ibm-app-connect-enterpise-v11-v12-cve-2020-2773/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2021-2161-may-affect-ibm-sdk-java-technology-edition-for-content-collector-for-email-content-collector-for-file-systems-content-collector-for-microsoft-sharepoin-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-oracle-mysql-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-weak-password-policy-vulnerability-cve-2021-20418-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-reliance-on-untrusted-inputs-in-security-descision-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-improper-restriction-of-excessive-authentication-attempts-vulnerability-cve-2021-20427-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilitiy-has-been-fixed-in-ibm-security-identity-manager-cve-2021-29692/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-have-been-identified-in-ibm-java-sdk-that-affect-ibm-security-directory-cve-2021-2161/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-23/
- https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilitiy-has-been-identified-in-ibm-java-sdk-that-affect-ibm-security-directory-suite-cve-2021-2161/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-cve-2020-25705-cve-2020-28374-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-container-environment-vulnerabilities-affect-ibm-secure-proxy-cve-2020-14298-cve-2020-14300/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-nx-os-firmware-used-by-ibm-c-type-san-directors-and-switches-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-openldap-vulnerability-cve-2020-25692-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-identity-manager-password-synchronization-plug-in-for-windows-ad-affected-by-multiple-vulnerabilities-cve-2021-20483-cve-2021-20488-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-6/
- https://www.ibm.com/blogs/psirt/security-bulletin-cve-2020-1971-vulnerability-in-openssl-may-affect-ibm-workload-scheduler-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-openssl-may-affect-ibm-workload-scheduler-5/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-affect-liberty-for-java-for-ibm-cloud-2/