IBM Updates | Security Alerts

The official site for Saudi CERT Sign In | العربية |

| A+ A-

Your review has been sent successfully

IBM Updates

2448

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

15 March, 2020

● Medium

2020-1021

All

Description:

IBM has released security updates to address vulnerabilities in the following products:

Voice Gateway:
- 1.0.2.4
- 1.0.4
- 1.0.2
- 1.0.3
All fix pack levels of IBM Db2:
- 9.7
- 10.1
- 10.5
- 11.1
- 11.5
InfoSphere Information Server, Information Server on Cloud:
- 11.7
- 11.5
IBM Power processor architectures
IBM Z-based architectures
IBM Cloud
IBM storage
SPSS Statistics:
- 26.0
- 25.0
- 24.0
- 23.0
IBM Business Automation Workflow
- V18.0.0.0 through V19.0.0.2
IBM Business Process Manager
- V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03
- V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06
- V8.5.6.0 through V8.5.6.0 Cumulative Fix 2
- V8.5.5.0
- V8.5.0.0 through V8.5.0.2
Watson Knowledge Catalog for IBM Cloud Pak for Data
- 2.5
IBM App Connect Enterprise:
- 11
- 11.0.0.0
- 11.0.0.7
IBM Integration Bus:
- 10.0.0.0 –10.0.0.19
- 9.0.0.0 – 9.0.0.11

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Take control of the system.
Execute arbitrary code.
Memory corruption
Denial of service attack (DoS)
A remote attacker could consume excessive CPU resources.
Obtain sensitive information
Code injection
Elevated privileges

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 15 March, 2020