IBM Updates
1682Warning Date
Severity Level
Warning Number
Target Sector
19 May, 2020
● High
2020-1248
All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- InfoSphere Information Server, Information Server on Cloud
- 11.7
- 11.5
- 11.3
- IBM Security Guardium StealthBits Integration
- IBM Spectrum Scale V
- V5.0.0.0 through V5.0.4.3
- V4.2.0.0 through V4.2.3.21
- IBM Sterling B2B Integrator
- V6.0.0.0 through V6.0.3.1
- V 5.2.6.2 through V5.2.6.5_1
- IBM MQ
- 9.1 LTS
- 9.0 LTS
- 8.0
- 9.1 CD
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS) attack.
- Obtain sensitive information
- Consume CPU resources remotely
- Denial of service (DoS)
- Execute arbitrary code remotely
- (Cross-site request forgery (CSRF
- Consume all available memory
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6194751
- https://www.ibm.com/support/pages/node/6208129
- https://www.ibm.com/support/pages/node/6207100
- https://www.ibm.com/support/pages/node/6207097
- https://www.ibm.com/support/pages/node/6194775
- https://www.ibm.com/support/pages/node/6210381
- https://www.ibm.com/support/pages/node/6209002
- https://www.ibm.com/support/pages/node/6210382
- https://www.ibm.com/support/pages/node/6210298
- https://www.ibm.com/support/pages/node/6209004
- https://www.ibm.com/support/pages/node/6210349