تحديثات IBM
1852تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
11 أغسطس, 2020
● عالي
2020-1618
الكل
الوصف:
أصدرت IBM عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- WebSphere Liberty
- IBM Event Streams
- IBM Event Streams in IBM Cloud Pak for Integration
- Java
- IBM Event Streams
- IBM Event Streams in IBM Cloud Pak for Integration
- Apache Commons Compress
- IBM Event Streams
- IBM Event Streams in IBM Cloud Pak for Integration
- Kernel
- IBM Netezza Host Management
- BM QRadar Network Packet Capture
- Node.js
- IBM Event Streams
- Bind
- IBM Netezza Host Management
- OpenSSL package
- IBM Event Streams
- Qemu
- IBM Netezza Host Management
- Libreswan
- IBM Netezza Host Management
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack)
- الكشف والإفصاح عن معلومات حساسة
- تنفيذ برمجيات خبيثة
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتIBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-in-websphere-liberty-cve-2020-4329/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-a-java-vulnerability-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-a-vulnerability-in-apache-commons-compress-cve-2019-12402/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerabilities-from-kernel-affect-ibm-netezza-host-management-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-jquery-as-used-by-ibm-qradar-network-packet-capture-is-vulnerable-to-cross-site-scripting-xss-cve-2020-11023-cve-2020-11022/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-multiple-node-js-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerabilities-from-bind-affect-ibm-netezza-host-management/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-affected-by-multiple-vulnerabilities-in-openssl-package/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-event-streams-is-affected-by-multiple-java-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-qemu-affects-ibm-netezza-host-management/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-libreswan-affects-ibm-netezza-host-management/