IBM Updates
1810Warning Date
Severity Level
Warning Number
Target Sector
2 December, 2021
● Medium
2021-3969
All
Description:
IBM has released security updates to address several vulnerabilities in several products:
- IBM QRadar SIEM
- 7.3.0 to 7.3.3 Fix Pack 9
- 7.4.0 to 7.4.3 Fix Pack 3
- IBM Cloud Pak for Multicloud Management Monitoring
- before 2.3 Fix Pack 2
- IBM Disconnected Log Collector
- v1.0 – v1.6
- IBM i
- 7.4
- 7.3
- 7.2
- 7.1
- IBM Tivoli Business Service Manager
- 6.2.0
- Global Configuration Management
- All
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Unauthorized disclosure of information
- Arbitrary code execution
- Cross-site scripting (XSS)
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6520472
- https://www.ibm.com/support/pages/node/6520786
- https://www.ibm.com/support/pages/node/6520784
- https://www.ibm.com/support/pages/node/6520674
- https://www.ibm.com/support/pages/node/6520780
- https://www.ibm.com/support/pages/node/6494733
- https://www.ibm.com/support/pages/node/6522092
- https://www.ibm.com/support/pages/node/6520708
- https://www.ibm.com/support/pages/node/6520810
- https://www.ibm.com/support/pages/node/6520788
- https://www.ibm.com/support/pages/node/6520782