IBM Alert

Your review has been sent successfully

IBM Alert

3036

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

9 June, 2022

● High

2022-4926

All

Description:

IBM has released security updates to address several vulnerabilities in the following products, mainly:

IBM Spectrum Scale
- 5.1.0 - 5.1.3.0
IBM QRadar Data Synchronization App
- 1.0 – 3.0.0
Rational Service Tester RST
- 9.1
- 9.2
- 9.5
IBM Tivoli Monitoring
- 6.3.0 Fix Pack 7 Service Pack 5 (or later Service Pack)
IBM CICS TX Advanced
- 10.1
- 11.1
IBM Netezza Host Management
- 5.4.9.0 – 5.4.32.0
- 5.2.1.0 – 5.4.31.0
IBM CICS TX Standard
- 11.1
IBM PureData System for Operational Analytics
- 1.1
IBM® SDK, Java™ Technology Edition
- 7.0.0.0 - 7.0.11.5
- 7.1.0.0 - 7.1.5.5
- 8.0.0.0 - 8.0.7.6
IBM Robotic Process Automation
- 21.0.2
IBM Robotic Process Automation for Cloud Pak
- 21.0.2
IBM Robotic Process Automation as a Service
- 21.0.2
SOAR App Host
- 1 – 1.9
IBM® Security SOAR
- 32.0 – 44
IBM Db2 Mirror for i
- 7.5
- 7.4
IBM Sterling Connect:Direct Web Services
- 1.0
- 6.1.0
- 6.2.0
- 6.0
Enterprise Content Management System Monitor
- 5.5
IBM Watson Machine Learning Accelerator
- 2.2.0,2.2.1,2.2.2,2.2.3
- 2.3.0,2.3.1,2.3.2,2.3.3,2.3.4,2.3.5,2.3.6,2.3.7,2.3.8
- 1.2.1,1.2.2,1.2.3
IBM Cloud Private
- 3.1.0
- 3.1.1
- 3.1.2
- 3.2.0
- CD3.2.1
- CD3.2.2
IBM Security Guardium
- 11.0
- 11.1
- 11.2
- 11.3
- 11.4
IBM® Db2®
- V9.7
- V10.1
- V10.5
- V11.1
- V11.5
IBM Netcool Agile Service Manager
- 1.1
IBM Spectrum Protect Plus
- 10.1.0.0 - 10.1.9.3
IBM i
- 7.5
- 7.4
- 7.3
- 7.2
IBM RackSwitch firmware
- G7028
  - 7.6
- G8316
  - 7.9
- G8052
  - 7.11
- G8264
  - 7.11
- G8332
  - 7.7
- G8264T
  - 7.9
- G8124/G8124E
  - 7.11
- G8264CS_SI_Fabric_Image
  - 7.8
- G8264CS
  - 7.8
IBM Flex System switch firmware
- IBM Flex System EN2092 1Gb Ethernet Scalable Switch
  - 7.8
- IBM Flex System Fabric SI4093 GbFSIM 10Gb Scalable Switch
  - 7.8
- IBM Flex System Fabric EN4093/EN4093R 10Gb Scalable Switch
  - 7.8
- IBM Flex System CN4093 10Gb Converged Scalable Switch
  - 7.8
IBM DataPower Gateway
- IBM DataPower Gateway V10CD
  - 10.0.2.0-10.0.3.0
- IBM DataPower Gateway 10.0.1
  - 10.0.1.0-10.0.1.4
- IBM DataPower Gateway
  - 2018.4.1.0-2018.4.1.17
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
- 4.0.0 – 4.0.8
IBM Telco Network Cloud Manager – Performance (TNCP)
- TNC-P 1.4
- TNC-P 1.4.1
- TNC-P 1.3
- TNC-P 1.2
IBM Edge Application Manger
- 4.3
IBM Cognos Controller
- 10.4.2
- 10.4.1
- 10.4.0
InfoSphere Information Server
- 11.7
IBM MaaS360 VPN Module
- 2.106.100 and prior
IBM MaaS360 Mobile Enterprise Gateway
- 2.106.200 and prior
IBM MaaS360 Cloud Extender Agent
- 2.106.100.008 and prior
IBM WIoTP MessageGateway
- 5.0.0.1
IBM IoT MessageSight
- 5.0.0.0
IBM Cloud Pak for Data System 1.0
- 1.0.0.0- 1.0.7.7
IBM Security SiteProtector System
- 3.1.1
R9.1
R9.2
R8.5
ICP – IBM Match 360
- v4.0.7 and prior
IBM QRadar SIEM
- v7.3 and prior
IBM QRadar SIEM
- v7.4 and prior
IBM QRadar SIEM
- v7.5 and prior
IBM Cognos Command Center
- 10.2.4.1
Spring Framework, OpenSSL and Apache HTTP Server
- R9.0x
- R9.1x
- R9.2x

Threats:

An attacker could exploit these vulnerabilities by doing the following:

Sensitive information disclosure
Execute arbitrary code
Denial of service (DoS)
Buffer overflow
Elevate privileges
Code injection
Bypass security restrictions

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates, mainly:

Last updated at 9 June, 2022

IBM Alert

Classification

Most Viewed Warnings