IBM Updates
1629Warning Date
Severity Level
Warning Number
Target Sector
22 July, 2021
● Medium
2021-3236
All
Description:
IBM has released a security updates to address several vulnerabilities in the following products:
- IBM Cloud Pak for Automation
- 21.0.1-IF001
- 21.0.2
- IBM Netezza Host Management
- 5.4.9.0 and after
- ITCAM for Transactions
- 7.4.0.1
- 7.4.0.2
- InfoSphere Information Server
- 11.7
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service (DoS)
- Obtain sensitive information
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-f5-nginx-controller-affect-ibm-cloud-pak-for-automation/
- https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerabilities-from-kernel-affect-ibm-netezza-host-management-11/
- https://www.ibm.com/blogs/psirt/security-bulletin-addressing-the-sqlite-vulnerability-cve-2021-20227/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-sdk-april-2021-affects-ibm-infosphere-information-server-cve-2021-2161/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-vulnerable-to-sql-injection-2/