IBM Updates
2689Warning Date
Severity Level
Warning Number
Target Sector
23 December, 2019
● High
2019-757
All
Description:
IBM has released security updates to address vulnerabilities in the following products:
- APM AM
- APM on-premise
- APM SaaS
- BAM
- IBM Business Automation Workflow
- IBM Business Process Manager
- IBM Cognos Analytics
- IBM Cognos Business Intelligence
- IBM Data Science Experience Local
- IBM i
- IBM MQ
- IBM MQ Certified Container
- IBM Sterling B2B Integrator
- IBM Watson Compare and Comply for IBM Cloud Pak for Data
- IBM Watson Studio – Local
- ICAM
- IBM Financial Transaction Manager for SWIFT Services for Multiplatforms
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information
- Denial of service attack (DoS) - remotely §Buffer overflow
- Escalation of privilege
- Execute arbitrary code - remotely
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates: