IBM Updates

Your review has been sent successfully

2410

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

18 February, 2020

● Medium

2020-926

All

Description:

IBM has released security updates to address vulnerabilities in the following products:

Log Analysis
- 1.3.1، 1.3.2، 1.3.3، 1.3.4، 1.3.5، 1.3.6
IBM CICS TX on Cloud
- 10.1
IBM Watson Explorer Deep Analytics Edition Foundational Components
- 12.0.0.0, 12.0.0.1, 12.0.1, 12.0.2.0 – 12.0.2.2, 12.0.3, 12.0.3.1
IBM Watson Explorer Deep Analytics Edition Analytical Components
- 12.0.0.0, 12.0.0.1, 12.0.1, 12.0.2.0 – 12.0.2.2, 12.0.3, 12.0.3.1
IBM Watson Explorer Deep Analytics Edition oneWEX
- 12.0.0.0, 12.0.0.1, 12.0.1, 12.0.2.0 – 12.0.2.2, 12.0.3, 12.0.3.1
IBM Watson Explorer Foundational Components
10.0.0.0 – 10.0.0.6
IBM Watson Explorer Foundational Components Annotation Administration Console
- 12.0.0.0, 12.0.1,12.0.2.0 – 12.0.2.2, 12.0.3, 12.0.3.1, 11.0 – 11.0.0.3, 11.0.1, 11.0.2, 11.0.2.1 – 11.0.2.5, 10.0 – 10.0.0.6
Watson Explorer Analytical Components
- 11.0 – 11.0.0.3, 11.0.1, 11.0.2, 11.0.2.1 – 11.0.2.5
Watson Explorer Analytical Components
- 10.0 – 10.0.0.2
IBM Watson Explorer Content Analytics Studio
- 12.0.0, 12.0.1, 12.0.2, 12.0.3, 11.0.0.0 – 11.0.0.3,
  11.0.1.0 – 11.0.2.2

The following fileset levels (VRMF) are vulnerable, if the respective Java version is installed:

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 18 February, 2020