IBM Updates

Your review has been sent successfully

2958

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

8 October, 2020

● High

2020-1891

All

Description:

IBM has released security updates to address vulnerabilities in the following products:

OpenSSH and OpenSSL shipped with IBM Security Access Manager Appliance
- ISAM 7.0, 8.0
jQuery
- IBM MobileFirst Foundation 8.x.x
kernel
- IBM Security Guardium 10.5, 10.6, 11.0, 11.1
IBM Java SDK
- IBM Security Guardium 9x, 10.5, 10.6, 11.0, 11.1
Query
- DataQuant for z/OS 2.1
- DataQuant for Multiplatforms 2.1
IBM QRadar SIEM 7.4.0 – 7.4.1 GA, .3.0 – 7.3.3 Patch 4
Go
API Connect V2018.4.1.0-2018.4.1.12, V10.0.0
dbus
IBM Security Guardium 10.6
IBM QRadar Incident Forensics 7.4.0 – 7.4.1 GA, 7.3.0 – 7.3.3 Patch 4
Crunchy kernel
- API Connect 10.0.0.0
Apache Tomcat
- App Connect Professional v 7.5.3.0
ackson-databind
- IBM Security Guardium 11.0
IBM Cloud Pak for Data – Node.js 2.5, 3.0.1
Oracle MySQL
IBM Security Guardium 9.0 – 9.5, 10.0 -10.6, 11.0
OpenSSL
- IBM Security Guardium 11.x, 10.5, 10.6

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 8 October, 2020