The official site for Saudi CERT
IBM Alert
2402
Warning Date
Severity Level
Warning Number
Target Sector
4 May, 2022
● High
2022-4768
All
IBM has released security updates to address several vulnerabilities in the following products:
- IBM Cloud Pak System
- V2.3.3.0
- V2.3.3.1
- V2.3.3.2
- V2.3.3.3
- V2.3.0.1
- V.3.1.1
- V2.3.2.0
- 2.3
- IBM Informix Dynamic Server
- 14.10.x
- 12.10.x
- IBM Engineering Requirements Management DOORS Next
- 7.0.2
- 7.0
- 7.0.1
- IBM Rational DOORS Next Generation
- 6.0.6.1
- 6.0.6
An attacker could exploit these vulnerabilities by doing the following:
- Denial of Service (DoS) attack
- Privilege escalation
- Arbitrary code execution
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilitiy-identified-in-ibm-db2-that-is-shipped-as-component-and-pattern-type-or-ptype-with-cloud-pak-system-and-cloud-pak-system-software-suite-cloud-pak-system-address-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-intel-processors-affect-cloud-pak-system/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-informix-dynamic-server-is-affected-to-denial-of-service-due-to-fasterxml-jackson-databind-cve-2020-36518/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-engineering-requirements-management-doors-next-is-vulnerable-to-xml-external-entity-xxe-attacks-due-to-fasterxml-jackson-databind-cve-2020-25649/
Rate the content
Share the page
