The official site for Saudi CERT
IBM Alert
2603
Warning Date
Severity Level
Warning Number
Target Sector
18 August, 2022
● High
2022-5137
All
Description:
IBM has released security updates to address several vulnerabilities in several products:
- IBM Process Mining
- AIX
- VIOS
- IBM App Connect Enterprise
- IBM Integration Bus
- IBM Cloud Pak System, IBM Cloud Pak System Software Suite
- RFT
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- Security Bulletin: Vulnerability in Moment affects IBM Process Mining . CVE-2022-31129 - IBM PSIRT Blog
- Security Bulletin: Vulnerability in FasterXML jackson-databind affects IBM Process Mining . CVE-2020-36518 - IBM PSIRT Blog
- Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2022-1292 and CVE-2022-2068) or an attacker may obtain sensitive information (CVE-2022-2097) due to OpenSSL - IBM PSIRT Blog
- Security Bulletin: Multiple vulnerabilities due to OpenSSL and Node js which affect IBM App Connect Enterprise and IBM Integration Bus - IBM PSIRT Blog
- Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System - IBM PSIRT Blog
- Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester - IBM PSIRT Blog
- Security Bulletin: Vulnerability in Eclipse Jetty affects IBM Process Mining . CVE-2020-36518 - IBM PSIRT Blog
Rate the content
Share the page
