IBM Updates
1670Warning Date
Severity Level
Warning Number
Target Sector
15 April, 2021
● High
2021-2772
All
Description:
IBM has released a security update to address several vulnerabilities in the following products:
- RST
- 9.1
- 9.2
- 9.5
- WebSphere Application Server
- 9.0
- 8.5
- 8.0
- 7.0
- WebSphere Application Server Liberty
- 17.0.0.3 – 21.0.0.3
- RPT
- 9.1
- 9.2
- 9.5
- IBM Transformation Extender
- 9.0
- 10.0
- WebSphere Transformation Extender
- 8.4.1
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information
- Buffer overflow
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-rational-service-tester-5/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-dojo-affects-websphere-application-server-cve-2020-5258/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-rational-performance-tester-4/
- https://www.ibm.com/blogs/psirt/security-bulletin-buffer-overflow-vulnerability-in-ibm-sdk-affects-ibm-transformation-extender/