The official site for Saudi CERT
IBM Updates
2681
Warning Date
Severity Level
Warning Number
Target Sector
29 January, 2020
● Medium
2020-853
All
Description:
IBM has released security updates to address vulnerabilities in the following products:
- ISAM
- ISIM (SS)
- ISIM
- IBM MQ Appliance
- Vyatta 5600
- IBM MQ Appliance
- IBM Business Process Manager
- IBM Business Automation Workflow
- IBM Control Center
- IBM BladeCenter T Advanced Management Module (AMM)
- IBM BladeCenter Advanced Management Module (AMM)
- IBM Control Center
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- External Entity Injection (XXE) attack.
- Elevation of privileges.
- Obtain sensitive information remotely.
- Denial-of-service (DoS).
- Bypass protection mechanisms.
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-affected-by-http-2-vulnerabilities-cve-2019-9511-and-cve-2019-9513/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-was-fixed-in-ibm-security-access-manager/
- https://www.ibm.com/support/pages/node/1284028
- https://www.ibm.com/support/pages/node/1284292
- https://www.ibm.com/support/pages/node/1284574
- https://www.ibm.com/support/pages/node/1284550
- https://www.ibm.com/support/pages/node/1284556
- https://www.ibm.com/support/pages/node/1167892
- https://www.ibm.com/support/pages/node/1284568
- https://www.ibm.com/support/pages/node/1284538
- https://www.ibm.com/support/pages/node/1284544
- https://www.ibm.com/support/pages/node/1283902
- https://www.ibm.com/support/pages/node/1284514
- https://www.ibm.com/support/pages/node/1126791
- https://www.ibm.com/support/pages/node/1283920
- https://www.ibm.com/support/pages/node/1125879
- https://www.ibm.com/support/pages/node/1284100
Rate the content
Share the page
