IBM Updates
Warning Date: 1 October, 2020
Severity Level: High
Warning Number: 2020-1862
Target Sector: All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- IBM Secure Proxy
  - 6.0.1
- IBM Sterling Secure Proxy
  - 3.4.3.2
- WebSphere Application Server
  - 9.0
  - 8.5
  - 8.0
  - 7.0
- IBM Netcool Agile Service Manager
  - < 1.1.8
- App Connect Enterprise Certified Container
  - 1.0.0 with Operator
  - 1.0.1 with Operator
  - 1.0.2 with Operator
- IBM Cloud Pak System
  - v2.2.6
  - v2.3.0.1
  - v2.3.1.1
  - v2.3.2.0
- IBM Tivoli Application Dependency Discovery Manager
  - 7.3.0.0
Threats:
An attacker could exploit these vulnerabilities to:
- Obtain sensitive information.
- Cause a denial of service (DoS).
Best practice and Recommendations:
The CERT team encourages users to review the IBM security advisories and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-commons-codec-affects-ibm-sterling-secure-proxy/
- https://www.ibm.com/blogs/psirt/security-bulletin-websphere-application-server-is-vulnerable-to-an-information-disclosure-vulnerability-cve-2020-4576/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-netty-affects-ibm-netcool-agile-service-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-enterprise-certified-container-is-affected-by-multiple-node-js-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affect-ibm-netcool-agile-service-manager/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-system-is-affected-by-a-vulnerability-in-vmware-component-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-open-source-apache-tomcat-vulnerabilities-affect-ibm-tivoli-application-dependency-discovery-manager-cve-2020-13935/