The official site for Saudi CERT
IBM Alert
2782
Warning Date
Severity Level
Warning Number
Target Sector
9 March, 2022
● Critical
2022-4492
All
IBM has released security updates to address several vulnerabilities in the following products:
- IBM Cloud Pak System
- V2.3
- V2.3.1.1
- V2.3.2.0
- v2.3.3.1
- V2.3.3.2
- V2.3.3.3
- V2.3.3.3 ifix1
- Compute node X240 M5 - UEFI
- Compute Node X3350 M5 - UEFI
- SN550 - XCC
- SR630 - XCC
- OEMSR630 - XCC
- IBM Watson Explorer Content Analytics Studio
- 12.0.0
- 12.0.1
- 12.0.2
- 12.0.3
- 11.0.0.0 – 11.0.0.3
- 11.0.1
- 11.0.2.0 – 11.0.2.2
- IBM Integrated Analytics System
- 1.0.0-1.0.27.0
- IBM Db2 V11.5
An attacker could exploit these vulnerabilities by doing the following:
- Denial of Service (DoS) attack
- Obtain sensitive information
- Gain elevated privileges
- Execute remote code
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-intel-xeon-affects-ibm-cloud-pak-system-cve-2021-0144/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-java-runtime-affects-watson-explorer-content-analytics-studio-cve-2021-2341/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-isc-bind-affects-ibm-integrated-analytics-system/
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-apache-log4j-affects-some-features-of-ibm-db2-cve-2021-44832-5/
Rate the content
Share the page
