IBM Updates
2079Warning Date
Severity Level
Warning Number
Target Sector
6 May, 2021
● High
2021-2883
All
Description:
IBM has released a security update to address several vulnerabilities in the following products:
- FOS
- 9.0
- 8.2
- IBM Integration Bus
- V10.0.0 – V10.0.0.23
- IBM App connect Enterprise
- V11 , V11.0.0.0 – V11.0.0.11
- Rational Asset Analyzer (RAA)
- 6.1.0.0 – 6.0.0.23
- IBM Cloud Pak System V2.3.3.0, V2.3.3.1, V2.3.3.2, V2.3.3.3
- IBM DB2 LUW V11.5I
- BM Cloud Pak System V2.3.0.1, V2.3.1.1, V2.3.2.0
- IBM DB2 LUW V11.1
- IBM DRM
- 2.0.6
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Buffer overflow
- Cross-site scripting (XSS)
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerabilities-in-ibm-java-affects-ibm-rational-asset-analyzer/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-fabric-os-used-by-ibm-b-type-san-directors-and-switches-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integration-bus-ibm-app-connect-enterprise-v11-are-affected-by-vulnerabilities-in-node-js-cve-2020-8287/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integration-bus-ibm-app-connect-enterprise-v11-are-affected-by-vulnerabilities-in-node-js-cve-2020-8265/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integration-bus-ibm-app-connect-enterprise-v11-are-affected-by-vulnerabilities-in-node-js-cve-2020-28500/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-ibm-java-affecting-ibm-rational-asset-analyzer-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilitiy-identified-in-ibm-db2-that-is-shipped-as-component-and-pattern-type-or-ptype-with-cloud-pak-system-and-cloud-pak-system-software-suite-cloud-pak-system-address/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/