IBM Updates
1677Warning Date
Severity Level
Warning Number
Target Sector
27 July, 2021
● High
2021-3258
All
Description:
IBM has released security updates to address several vulnerabilities in the following products:
- IBM Cloud Pak for Multicloud Management Infrastructure Management
- IBM Sterling B2B Integrator
- 5.2.0.0 – 5.2.6.5_3
- 6.1.0.0 – 6.1.0.2
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Obtain sensitive information
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-ruby-on-rails-affects-ibm-cloud-pak-for-multicloud-management-infrastructure-management/
- https://www.ibm.com/blogs/psirt/security-bulletin-xss-security-vulnerabilty-affects-mailbox-ui-of-ibm-sterling-b2b-integrator-cve-2021-20562/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-security-vulnerability-in-golang-go-affects-ibm-cloud-pak-for-multicloud-management-managed-services/