IBM Alert
Warning Date: 21 April, 2022
Severity Level: High
Warning Number: 2022-4701
Target Sector: All
IBM has released security updates to address several vulnerabilities in the following products:
- DB2
  - 11.1.x
  - 10.5.x
  - 9.7.x
  - 10.1.x
- IBM QRadar Use Case Manager v1.0 – v3.4.0
- App Connect Professional
  - 7.5.4.0
- IBM Robotic Process Automation 21.0.2
  - < 21.0.2.2
- IBM Robotic Process Automation 21.0.1
  - < 21.0.1.5
An attacker could exploit these vulnerabilities to achieve the following:
- Remote code execution
- Denial of service attack (DoS)
The CERT team encourages users to review the IBM security advisories and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-emptoris-supplier-lifecycle-management-vulnerable-to-unspecified-vulnerability-due-to-oracle-database-server-cve-2021-35576/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-linux-kernel-affects-ibm-integrated-analytics-system-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-affects-ibm-integrated-analytics-system-7/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-and-the-ibm-maximo-manage-application-in-ibm-maximo-application-suite-are-vulnerable-to-cross-site-scripting-cve-2022-22435/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-and-the-ibm-maximo-manage-application-in-ibm-maximo-application-suite-are-vulnerable-to-cross-site-scripting-cve-2022-22436/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-affected-by-multiple-vulnerabilities-in-the-included-expat-3rd-party-library-cve-2022-23852-and-cve-2022-23990/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-use-case-manager-app-is-vulnerable-to-using-components-with-known-vulnerabilities/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-10/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-11/
- https://www.ibm.com/blogs/psirt/security-bulletin-app-connect-professional-is-affected-by-gnu-c-library-vulnerability-12/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-may-affect-ibm-robotic-process-automation-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-openssl-affect-app-connect-professional/