الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تحديثات IBM
2591
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
2 سبتمبر, 2020
● عالي
2020-1714
الكل
الوصف:
أصدرت IBM عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- IBM Spectrum Protect Server
- IBM SDK, Java Technology Edition Quarterly
- IBM Security Guardium Insights
- Mozilla Firefox
- APM AM
- BAM
- APM SaaS
- APM on-premise
- ICAM
- kernel
- IBM Security Guardium
- IBM Jazz Foundation and IBM Engineering
- RDNG
- DOORS Next
- RTC
- EWM 7.0
- IBM Engineering Requirements Management DOORS Next
- RELM
- ENI
- RQM
- ETM
- CLM
- ELM
- IBM Engineering Workflow Management
- IBM Security Guardium
- Java
- IBM Spectrum Scale Transparent Cloud Tiering
- IBM Spectrum Protect Operations Center
- Apache Commons Codec
- IBM Spectrum Scale Transparent Cloud Tiering
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- الكشف والإفصاح غير المصرح به للمعلومات
- هجمة حجب الخدمة (DoS attack)
- تنفيذ برمجيات خبيثة
- تجاوز آلية حماية
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتIBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-denial-of-service-vulnerability-in-ibm-spectrum-protect-server-cve-2020-4559-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-insights-is-affected-by-an-ibm-sdk-java-technology-edition-quarterly-cpu-jul-2020-includes-oracle-jul-2020-cpu-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-68-9-0-esr-cve-2020-12410-hava-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if11-icam2019-3-0-2020-2-0/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-kernel-vulnerability-13/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affects-ibm-jazz-foundation-and-ibm-engineering-products-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-os-command-injection-vulnerabilities-7/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-6/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-os-command-injection-vulnerabilities-8/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-spectrum-scale-transparent-cloud-tiering-is-affected-by-a-java-vulnerability-cve-2020-2654/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-use-of-hard-coded-credentials-vulnerabilities-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-vulnerability-in-ibm-spectrum-protect-server-cve-2020-4591-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-code-injection-vulnerability-in-ibm-spectrum-protect-operations-center-cve-2020-4693/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-commons-codec-affects-ibm-spectrum-scale-transparent-cloud-tiering-177835/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-a-cross-site-scripting-vulnerability-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-68-9-0-esr-hava-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if11-icam2019-3-0-2020-2-0/
قيم المحتوى
شارك الصفحة
