The official site for Saudi CERT
IBM Alert
6909
Warning Date
Severity Level
Warning Number
Target Sector
28 September, 2022
● High
2022-5284
All
IBM has released security updates to address several vulnerabilities in several products:
- IBM App Connect Enterprise & IBM Integration Bus
- IBM TRIRIGA Application Platform
- IBM PowerVM Novalink
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Unauthorized disclosure of information
- Bypass of a protection mechanism
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-app-connect-enterprise-ibm-integration-bus-are-vulnerable-to-a-denial-of-service-due-to-zlib-cve-2018-25032/
- https://www.ibm.com/blogs/psirt/security-bulletinibm-tririga-application-platform-discloses-possible-path-command-executioncve-2021-41878/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-powervm-novalink-is-vulnerable-because-ibm-websphere-application-server-liberty-vulnerable-eclipse-paho-java-client-could-allow-a-remote-attacker-to-bypass-security-restric/
Rate the content
Share the page
