IBM Alert
1838Warning Date
Severity Level
Warning Number
Target Sector
11 January, 2022
● High
2022-4193
All
IBM has released a security update to address several vulnerabilities in its products, mainly:
- IBM Security Key Lifecycle Manager (SKLM) v2.7** [EOS]
- IBM Security Key Lifecycle Manager (SKLM) v3.0
- IBM Security Key Lifecycle Manager (SKLM) v3.0.1
- IBM Security Key Lifecycle Manager (SKLM) v4.0
- IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1
- IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1
- IBM Spectrum Symphony
- IBM Sterling B2B Integrator
- IBM Operational Decision Manager
- Jazz for Service Management
- IBM Sterling B2B Integrator
- Jazz for Service Management
- IBM Cloud Transformation Advisor
- IBM TRIRIGA Connector for Esri ArcGIS Indoors
- IBM Sterling File Gateway
- Collaborative Lifecycle Management (CLM)
- Global Configuration Management (GCM)
- IBM Jazz Reporting Service (JRS)
- Rational DOORS Next Generation(RDNG)
- Rational Engineering Lifecycle Manager (RELM)
- Rational Rhapsody Design Manager (RDM)
- Rational Rhapsody Model Manager (RMM)
- Rational Quality Manager (RQM)
- Rational Team Concert (RTC)
- IBM Security Key Lifecycle Manager (SKLM) v3.0
- IBM Security Key Lifecycle Manager (SKLM) v3.0.1
- IBM Security Key Lifecycle Manager (SKLM) v4.0
- IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1
- IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1
- IBM Spectrum Symphony
- IBM Sterling B2B Integrator
- IBM Operational Decision Manager
- Jazz for Service Management
- IBM Sterling B2B Integrator
- Jazz for Service Management
- IBM Cloud Transformation Advisor
- IBM TRIRIGA Connector for Esri ArcGIS Indoors
- IBM Sterling File Gateway
- Collaborative Lifecycle Management (CLM)
- Global Configuration Management (GCM)
- IBM Jazz Reporting Service (JRS)
- Rational DOORS Next Generation(RDNG)
- Rational Engineering Lifecycle Manager (RELM)
- Rational Rhapsody Design Manager (RDM)
- Rational Rhapsody Model Manager (RMM)
- Rational Quality Manager (RQM)
- Rational Team Concert (RTC)
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service (DoS)
- Execute arbitrary code
The CERT team encourages users to review IBM security advisory and apply the necessary updates: