The official site for Saudi CERT
IBM Alert
2450
Warning Date
Severity Level
Warning Number
Target Sector
15 September, 2022
● High
2022-5244
All
IBM has released security updates to address several vulnerabilities in several products:
- IBM Cloud PAK for Watson AI Ops
- IBM Sterling Connect:Direct for UNIX Container
- IBM Sterling Order Management
Attacker could exploit these vulnerabilities by doing the following:
- Escalation of privilege
- Bypass of a protection mechanism
- Execute arbitrary code
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-due-to-use-of-pac4j-ibm-cloud-pak-for-watson-ai-ops-is-vulnerable-to-token-bypass-cve-2021-44878/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-sterling-connectdirect-for-unix-container-is-vulnerable-to-execute-arbitrary-commands-due-to-openssl-cve-2022-2068/
- https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-due-to-use-of-apple-macos-monterey-and-macos-big-sur-ibm-cloud-pak-for-watson-ai-ops-is-vulnerable-to-attacks-gaining-elevated-priviledges-cve-2022-26691/
Rate the content
Share the page
