IBM Updates | Security Alerts

The official site for Saudi CERT Sign In | العربية |

| A+ A-

Your review has been sent successfully

IBM Updates

2641

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

15 December, 2021

● Critical

2021-4071

All

Description:

IBM has released security updates to address several vulnerabilities in the following products:

Apache Log4j :

IBM Disconnected Log Collector
- v1.0 – v1.7
SPSS Statistics Subscription
- 1.0
IBM Security Verify Access Docker
- 10.0.0
ISAM
- 9.0
SPSS Statistics
- 28.0.1
- 27.0.1
- 26.0
- 25.0
i2 Analyze
- 4.3.5.0
- 4.3.4.0
- 4.3.3.0
i2 Connect
- 1.1.1
- 1.1.0
- 1.0.3
Analyst's Notebook Premium
- 9.3.1
- 9.3.0
IBM Security Access Manager
- 9.0.7.1
IBM Security Verify Access
- 10.0.0.0
IBM Cloud Transformation Advisor
- 2.5.0
IBM Sterling File Gateway
- 6.0.0.0 – 6.1.1.0
IBM MQ
- 9.2 CD
- 9.1 CD
- 9.2 LTS

other vulnerabilities:

WebSphere Application Server:
- 9.0
- 8.5
- 8.0
Rational Asset Analyzer
- 6.1.0.0 – 6.1.0.23
App Connect Professional
- v 7.5.4.0
IBM Integration Bus
- V10.0.0 – V10.0.0.24
IBM QRadar SIEM
- 7.3.0 to 7.3.3 FP 10
- 7.4.0 to 7.4.3 FP 4
IBM WebSphere Cast Iron
- v 7.5.1.0
App Connect Professional
- v 7.5.2.0
- 7.5.4
- 7.5.5
P8 OpenPOWER
- release OP825 OP825.50
Hardware Management Console System Firmware
- v3.11_v3.23_ hmc

Threats:

An attacker could exploit these vulnerabilities by doing the following:

Obtain sensitive information
Privilege escalation
Remote code execution

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 15 December, 2021