الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تحديثات IBM
1680
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
16 سبتمبر, 2020
● عالي
2020-1785
الكل
الوصف:
أصدرت IBM عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- vFinder
- eDiscovery Analyzer 2.2.2
- IBM Java Runtime
- IBM Cloud Transformation Advisor 2.1.1, 2.2.0
- Rational Directory Server (Tivoli) 5.2.1 iFix 13 and earlier
- Rational Directory Administrator 6.0.0.2 iFix 06 and earlier
- IBM Java SDK
- eDiscovery Analyzer 2.2.2
- Node.js lodash module
- IBM Cloud Transformation Advisor 2.1.1, 2.2.0
- Trusteer Pinpoint 11.6.5 and earlier
- BM Maximo Asset Management 7.6.0, 7.6.1
- IBM Security Identity Manager Virtual Appliance 7.0.2, 7.0.1
- Apache ActiveMQ
- IBM Operations Analytics Predictive Insights
- Apache Batik library
- IBM Cúram Social Program Management 7.0.10, 7.0.5.0 – 7.0.9
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- الكشف والإفصاح عن معلومات حساسة
- هجمة حجب الخدمة (DoS attack)
- تنفيذ برمجيات خبيثة
- تجاوز سعة مخزن الذاكرة المؤقت
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرت IBM توضيحًا لهذه التحديثات:
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-found-by-vfinder-in-ibm-ediscovery-analyzer-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-runtime-affect-ibm-cloud-transformation-advisor/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-ediscovery-analyzer-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-cloud-transformation-advisor-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-ibm-cloud-transformation-advisor/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-a-node-js-lodash-module-vulnerability/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-ibm-cloud-transformation-advisor-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-trusteer-pinpoint-affected-by-security-vulnerability-cve-2020-4708/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-ibm-cloud-transformation-advisor-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-ibm-cloud-transformation-advisor-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-multiple-node-js-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-affected-by-multiple-node-js-vulnerabilities-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-reverse-tabnabbing-cve-2020-4409/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-have-been-fixed-in-ibm-security-identity-manager-virtual-appliance/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-rational-directory-server-tivoli-rational-directory-administrator-5/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-activemq-affects-ibm-operations-analytics-predictive-insights-cve-2020-1941/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-batik-library-affects-ibm-cram-social-program-management-cve-2019-17566/
قيم المحتوى
شارك الصفحة
