IBM Updates
Warning Date: 18 October, 2020
Severity Level: ● Critical
Warning Number: 2020-1937
Target Sector: All
Description:
IBM has released security updates to address vulnerabilities in the following products:
- Resilient OnPrem
- IBM Security SOAR
- IBM Operations Analytics Predictive Insights
- IBM Maximo Asset Management
  - 7.6.0
  - 7.6.1
Threats:
An attacker could exploit these vulnerabilities to achieve the following:
- Authentication bypass.
- Man-in-the-middle attack.
- Arbitrary code execution.
Best practice and Recommendations:
The CERT team encourages users to review the IBM security advisories and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-soar-could-allow-a-privileged-user-to-inject-malicious-commands-through-python3-scripting-cve-2020-4636/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-activemq-affect-ibm-operations-analytics-predictive-insights-cve-2020-11998-cve-2020-13920/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-authentication-bypass-cve-2020-4493-2/