IBM Updates
2101Warning Date
Severity Level
Warning Number
Target Sector
29 September, 2021
● High
2021-3593
All
Description:
IBM has released security updates to address multiple vulnerabilities in the following products:
- App Connect Professional
- 7.5.3.0
- 7.5.4.0
- 7.5.5.0
- IBM Business Automation Workflow
- 21.0
- 20.0
- 19.0
- 18.0
- IBM Business Process Manager
- 8.6
- 8.5
- APM AM
- 8.1.4
- APM SaaS
- 8.1.4
- APM on-premise
- 8.1.4
- IBM Kenexa LCMS Premier on premise
- LCMS Premier 14.0 and Below
- IBM Aspera Console
- 3.4.0 and earlier
- IBM Aspera Shares
- 1.9.14 and earlier
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Bypass security controls
- Denial of Service (DoS)
- Obtain sensitive information
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/support/pages/node/6493299
- https://www.ibm.com/support/pages/node/6493269
- https://www.ibm.com/support/pages/node/6493377
- https://www.ibm.com/support/pages/node/6493297
- https://www.ibm.com/support/pages/node/6493271
- https://www.ibm.com/support/pages/node/6493279
- https://www.ibm.com/support/pages/node/6493267
- https://www.ibm.com/support/pages/node/6493415
- https://www.ibm.com/support/pages/node/6493275
- https://www.ibm.com/support/pages/node/6493277