Your review has been sent successfully

IBM Updates

3556
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

17 September, 2019

● High

2019-438

All

Description:

IBM has released security updates to address vulnerabilities in the following products:

  • IBM Cognos Analytics 11.0, 11.1
  • IBM Streams 4.1.1.8 and earlier, 4.2.1.6 and earlier, 4.3.0.2 and earlier
  • IBM eDiscovery Analyzer Version 2.2.2
  • IBM Cloud Application Performance Management, Base Private 8.1.4, Advanced Private 8.1.4
  • FTM CHK 3.0.5.0, 3.0.5.4
  • InfoSphere Streams 4.0.1.6 and earlier, 3.2.1.6 and earlier
  • IBM MQ 9.1, 9.0.0.x Long Term Support (LTS)
  • IBM MQ 9.0.x Continuous Delivery Release (CDR)
  • IBM MQ 8.0
  • FTM CPS 3.0.2.0, 3.0.2.1, 3.2.1.0
  • IBM Cognos Controller 10.4.1, 10.4.0, 10.3.1, 10.3.0
  • IBM Cloud Private for Data 1.1.0, 1.2.1, 2.1.0
  • IBM SDK, Java Technology Edition, Version 7
  • IBM Security Access Manager Appliance 7,0, 8.0, 9.0
  • IBM Cloud App Management 2018.2.0, 2018.4.0, 2018.4.1
  • WebSphere Application Server 9.0, 8.0, 8.5, 7.0
  • IBM Security SiteProtector System 3.0.0, 3.1.1
  • FTM ACH 3.0.6.0, 3.0.6.8, 3.1.0.0, 3.1.0.3
  • IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter 2.0, 3.0

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Execute arbitrary code – remotely.
  • Denial of service attack (DoS) – remotely.
  • Buffer overflow.
  • Unauthorized disclosure of information.
  • Escalation of privilege.

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

https://www.ibm.com/blogs/psirt/

Last updated at 29 October, 2019

Rate the content

rate-icon
up icon