IBM Updates
2170Warning Date
Severity Level
Warning Number
Target Sector
15 June, 2020
● High
2020-1353
All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- IBM Spectrum Protect Plus
- 10.1.0-10.1.5
- InfoSphere Information Server, Information Server on Cloud
- 11.7
- 11.5
- InfoSphere Information Server
- 11.3
- IBM Spectrum Protect Server
- 8.1.0.000-8.1.9.300
- IBM Emptoris Program Management
- 10.1.3.x,10.1.1.x, 10.1.0.x
- IBM i
- 7.4
- 7.3
- 7.2
- API Connect
- IBM API Connect
- 5.0.0.0-5.0.8.8
- IBM Event Streams
- 2019.2.1
- IBM Event Streams in IBM Cloud Pak for Integration
- 2019.2.2
- IBM Event Streams in IBM Cloud Pak for Integration
- 2019.2.3
- IBM Event Streams
- 2019.4.1
- IBM Event Streams in IBM Cloud Pak for Integration
- 2019.4.1
- IBM Emptoris Program Management
- 10.1.3 x
- 10.1.1.x
- 10.1.0.x
- IBM Emptoris Sourcing
- 10.1.3 x
- 10.1.1.x
- 10.1.0.x
- IBM Emptoris Strategic Supply Management Platform
- 10.1.3 x
- 10.1.1.x
- 10.1.0.x
- IBM Workload Scheduler
- 9.3.0.4 and earlier
- IBM Emptoris Supplier Lifecycle Mgmt
- 10.1.3 x
- 10.1.1.x
- 10.1.0.x
- IBM Emptoris Contract Management
- 10.1.3 x
- 10.1.1.x
- 10.1.0.x
- IBM Spectrum Protect Operations Center
- 8.1.0.000-8.1.9.000
- 7.1.0.000-7.1.9.300
- IBM Spectrum Protect Client Management Service (CMS)
- 8.1.0.000-8.1.9.000
- 7.1.0.000-7.1.9.300
- IBM Cloud Transformation Advisor
- 2.0.3
- 2.1.0
- IBM Spectrum Protect Client
- 8.1.7.0-8.1.9.1 (Linux and Windows)
- 8.1.9.0-8.1.9.1 (AIX)
- IBM Spectrum Protect for Space Management
- 8.1.7.0-8.1.9.1 (Linux and Windows)
- 8.1.9.0-8.1.9.1 (AIX)
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code remotely
- Man-in-the-middle attack
- Take control of the system.
- Denial of Service (DoS)
- Hijack DNS sessions
- Obtain sensitive information
- Bypass security restriction
- Cross site scripting (XSS)
Best practice and Recommendations:
- The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6232338
- https://www.ibm.com/support/pages/node/6221350
- https://www.ibm.com/support/pages/node/6221344
- https://www.ibm.com/support/pages/node/6221316
- https://www.ibm.com/support/pages/node/6221198
- https://www.ibm.com/support/pages/node/6221358
- https://www.ibm.com/support/pages/node/6221312
- https://www.ibm.com/support/pages/node/6221690
- https://www.ibm.com/support/pages/node/6222742
- https://www.ibm.com/support/pages/node/6224298
- https://www.ibm.com/support/pages/node/6217392
- https://www.ibm.com/support/pages/node/6226334
- https://www.ibm.com/support/pages/node/6226380
- https://www.ibm.com/support/pages/node/6205714
- https://www.ibm.com/support/pages/node/6226376
- https://www.ibm.com/support/pages/node/6205727
- https://www.ibm.com/support/pages/node/6226382
- https://www.ibm.com/support/pages/node/6223030
- https://www.ibm.com/support/pages/node/6226296
- https://www.ibm.com/support/pages/node/6226330
- https://www.ibm.com/support/pages/node/6226386
- https://www.ibm.com/support/pages/node/6226394
- https://www.ibm.com/support/pages/node/6226324
- https://www.ibm.com/support/pages/node/6226532
- https://www.ibm.com/support/pages/node/6209125
- https://www.ibm.com/support/pages/node/6226378
- https://www.ibm.com/support/pages/node/6226398
- https://www.ibm.com/support/pages/node/6226338
- https://www.ibm.com/support/pages/node/6226390
- https://www.ibm.com/support/pages/node/6226374
- https://www.ibm.com/support/pages/node/6226372
- https://www.ibm.com/support/pages/node/6226370
- https://www.ibm.com/support/pages/node/6226346
- https://www.ibm.com/support/pages/node/6221658
- https://www.ibm.com/support/pages/node/6221336
- https://www.ibm.com/support/pages/node/6221196
- https://www.ibm.com/support/pages/node/6221308
- https://www.ibm.com/support/pages/node/6221332
- https://www.ibm.com/support/pages/node/6221682
- https://www.ibm.com/support/pages/node/6228750
- https://www.ibm.com/support/pages/node/6221388
- https://www.ibm.com/support/pages/node/6228838
- https://www.ibm.com/support/pages/node/6221448
- https://www.ibm.com/support/pages/node/6221676
- https://www.ibm.com/support/pages/node/6221706
- https://www.ibm.com/support/pages/node/6221294