IBM Updates
1905Warning Date
Severity Level
Warning Number
Target Sector
18 May, 2021
● High
2021-2928
All
Description:
IBM has released a security update to address several vulnerabilities in the following products, the most important ones:
- IBM Netezza Analytics for NPS
- 11.2.1.0 and low er
- Sterling Connect Direct Web Services
- 1.0
- IBM Connect:Direct Web Services
- 6.0
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Escalation of privilege
Best practice and Recommendations:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerabilities-in-ibm-java-affects-ibm-developer-for-z-systems/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-affect-ibm-netezza-analytics-for-nps/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-with-ibm-content-navigator-component-in-ibm-business-automation-workflow-cve-2020-4757-psirt-adv0028011-cve-2020-4934-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-postgresql-affect-ibm-connectdirect-web-service-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-openssl-vulnerabilities-affect-ibm-sterling-connectexpress-for-unix-cve-2021-3449-cve-2021-3450/