IBM Updates

Your review has been sent successfully

1770

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

1 September, 2021

● High

2021-3452

All

Description:

IBM has released security updates to address several vulnerability in the following products:

IBM Planning Analytics Workspace
- IBM Planning Analytics Local 2.0
Node.js, XStream and Apache Commons
- IBM Spectrum Control
Golang
- IBM API Connect
IBM Java Runtime
- IBM Sterling Secure Proxy
IBM Maximo Asset Management
Apache CXF
- IBM Tivoli Application Dependency Discovery Manager
Drupal dated modernizr library
- IBM API Connect
IBM Security Guardium
Drupal core
- IBM API Connect
IBM Java Runtime
- IBM Integration Bus and IBM App Connect Enterpise
- IBM Sterling External Authentication Server
IBM OpenPages with Watson
AIX kernel
XStream
Drupal CKEditor
- IBM API Connect
Secure Gateway Client
- IBM DataPower Gateway
Oracle MySQL
- IBM API Connect
IBM DataPower Gateway
Open Source Apache Tomcat
- IBM Tivoli Application Dependency Discovery Manager
IBM DB2 shipped with IBM License Metric Tool v9
IBM® Java SDK
- IBM Security Directory Suite
IBM Security Identity Manager Virtual Appliance

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 1 September, 2021