IBM Updates
Warning Date: 2 June, 2020
Severity Level: High
Warning Number: 2020-1298
Target Sector: All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- IBM Planning Analytics
  - 2.0
- IBM MQ for HPE NonStop
  - 8.1.0
  - 8.0.4
- IBM MobileFirst Foundation
  - 8.0.0.0 – ICP, IKS or using the scripts (BYOL), OCP/ICPA
Threats:
An attacker could exploit these vulnerabilities to achieve the following:
- Remote denial of service (DoS).
- Obtain sensitive information.
- Escalation of privilege.
- Cross-site scripting (XSS).
Best practice and Recommendations:
The CERT team encourages users to review the IBM security advisories and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-workspace-is-affected-by-security-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-for-hpe-nonstop-server-is-affected-by-vulnerability-cve-2020-4352-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-cxf-affects-websphere-application-server-liberty-cve-2019-12406/
- https://www.ibm.com/blogs/psirt/security-bulletin-websphere-liberty-is-vulnerable-to-a-dos-cve-2019-4720/