IBM Updates
2261Warning Date
Severity Level
Warning Number
Target Sector
22 April, 2021
● High
2021-2814
All
Description:
IBM has released a security update to address several vulnerabilities in the following products:
- IBM Netezza Performance Server
- IBM Netezza Performance Server 11.2.0.0
- IBM Business Automation Workflow
- 20.0.0.1
- 19.0.0.x
- IBM Cloud Application Business Insights
- 1.1.5
- 1.1.6
- IBM Watson Machine Learning Server on-prem
- 2.0.0
- WebSphere Application Server
- 17.0 – 21.0.0.3
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Buffer overflow
- Cross-site scripting (XSS)
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-dojo-affects-websphere-application-server-cve-2020-5258-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-tensor-flow-security-vulnerabilities-on-ibm-watson-machine-learning-server/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-java-affects-ibm-cloud-application-business-insights-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-with-ibm-content-navigator-component-in-ibm-business-automation-workflow-cve-2020-4757-psirt-adv0028011-cve-2020-4934/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-gnu-binutils-affect-ibm-netezza-performance-server/