Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

IBM Updates

65

Warning Date: 15 September, 2020

Severity Level ● Medium

Warning Number: 2020-1773

Target Sector: All

Description:

IBM has released security updates to address vulnerabilities in the following products:

  • IBM Business Automation Workflow
    • C.D.0
  • IBM Business Process Manager
    • 8.0, 8.5, 8.6
  • IBM Aspera Connect
    • 3.9.9 and earlier
  • IBM Tivoli Business Service Manager
    • 6.2.0.0 ~ 6.2.0.2 IF 1
  • IBM Spectrum Protect Plus
    • 10.1.0-10.1.6
  • IBM Maximo Asset Management
    • 7.6.0
    • 7.6.1
  • IBM Security Guardium
    • 11.0

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Cross-site scripting (XSS) attack.
  • Obtain sensitive information.

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 15 September, 2020