IBM Updates
1810Warning Date
Severity Level
Warning Number
Target Sector
17 January, 2021
● Medium
2021-2335
All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- IBM App Connect Enterprise
- 11
- 11.0.0.0 – 11.0.0.10
- IBM Integration Bus
- 10.0.0.0 – 10.0.0.21
- 9.0.0.0 – 9.0.0.11
- IBM Control Center
- 6.1.3
- 6.0.0.2
- Watson Knowledge Catalog for IBM Cloud Pak for Data
- 3.0
- 2.5
- 3.5.1
- IBM Business Automation Workflow
- 20.0.0.1
- 19.0
- 18.0
- IBM Business Process Manager
- 8.6
- 8.5
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information
- Obtain sensitive information
- Bypass security restriction
- Man-in-the-Middle Attack.
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6404568
- https://www.ibm.com/support/pages/node/6404738
- https://www.ibm.com/support/pages/node/6404586
- https://www.ibm.com/support/pages/node/6404722
- https://www.ibm.com/support/pages/node/6404328
- https://www.ibm.com/support/pages/node/6404314
- https://www.ibm.com/support/pages/node/6404322
- https://www.ibm.com/support/pages/node/6404370