IBM Updates
3739Warning Date
Severity Level
Warning Number
Target Sector
9 September, 2019
● Medium
2019-416
All
Description:
IBM has released security updates to address vulnerabilities in the following products:
- IBM Watson Explorer Content Analytics Studio 11.0.0.0 – 11.0.0.3, 11.0.1, 11.0.2.0 – 11.0.2.2, 12.0.0, 12.0.1, 12.0.2
- IBM Watson Explorer Deep Analytics Edition Analytical Components 12.0.0.0, 12.0.1, 12.0.2 – 12.0.2.2.
- IBM Watson Explorer Deep Analytics Edition oneWEX 12.0.0.0, 12.0.0.1, 12.0.1, 12.0.2 – 12.0.2.2.
- IBM Watson Explorer Foundational Components 10.0.0.0 – 10.0.0.5, 11.0.0.0 – 11.0.0.3, 11.0.1, 11.0.2 – 11.0.2.4.
- IBM Watson Explorer Analytical Components 10.0.0.0 – 10.0.0.2, 11.0.0.0 – 11.0.0.3, 11.0.1, 11.0.2 – 11.0.2.4
- IBM Watson Content Analytics 3.5.0.0 – 3.5.0.4
- IBM Watson Explorer Foundational Components Annotation Administration Console 10.0.0.0 – 10.0.0.5, 11.0 – 11.0.0.3, 11.0.1, 11.0.2 – 11.0.2.4 12.0.0.0
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Code injection.
- Escalation of privilege.
- Unauthorized disclosure of information.
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates: