IBM Updates
Warning Date: 7 March, 2021
Severity Level: ● High
Warning Number: 2021-2579
Target Sector: All
Description:
IBM has released security updates to address several vulnerabilities in the following products and in the third-party components they ship with:
- Node.js, as used by:
  - IBM App Connect Enterprise V11.0.0.0 – V11.0.0.11
  - IBM API Connect V10.0.1.1, V2018.4.1.0-2018.4.1.13
- Apache Tomcat, as used by:
  - IBM Tivoli Application Dependency Discovery Manager 7.3.0.0
- libxslt, OpenSSL, libexpat and systemd, as shipped with:
  - IBM MQ Appliance 9.1 LTS
  - IBM MQ Appliance 9.1 CD
  - IBM MQ Appliance 9.2 LTS
  - IBM MQ Appliance 9.2 CD
- IBM InfoSphere Information Server 11.7, 11.5, 11.3
- Rational® Application Developer for WebSphere® Software 9.6, 9.7
- IBM WebSphere Application Server shipped with IBM StoredIQ for Legal 2.0.3
- IBM Java Runtime, as used by:
  - IBM Connect:Direct Web Services 6.0
  - Sterling Connect Direct Web Services 1.0
- IBM Cloud Object Storage Systems 3.12.4.200, 3.13.6.166, 3.14.11.41
- Python, as used by:
  - IBM Watson Discovery for IBM Cloud Pak for Data
- Google-api-client, as used by IBM QRadar SIEM
- IBM Content Navigator component in IBM Business Automation Workflow
- IBM Java SDK, as used by:
  - IBM WebSphere Application Server Patterns 1.0.0.0 through 1.0.0.7 and 2.2.0.0 through 2.3.3.3
  - IBM Tivoli System Automation Application Manager 4.1
- jackson-databind, as used by:
  - IBM Spectrum Symphony 7.3.1, 7.3, 7.2.1, 7.2.0.2
- IBM Java SDK and IBM Java Runtime, as used by:
  - TPF Toolkit 4.6, 4.2
- Java SE, as used by:
  - IBM API Connect V2018.4.1.0-2018.4.1.13
- IBM API Connect V10, API Connect V10.0.1.1, V2018.4.1.0-2018.4.1.13
Threats:
An attacker could exploit these vulnerabilities to:
- Perform cross-site scripting (XSS)
- Perform cross-site request forgery (CSRF)
- Cause a denial of service (DoS)
- Disclose sensitive information
- Execute arbitrary code remotely
Best Practices and Recommendations:
The CERT team encourages users to review the IBM security advisories below and apply the necessary updates:
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-node-js-affect-ibm-app-connect-enterprise-v11-cve-2020-7788/
- https://www.ibm.com/blogs/psirt/security-bulletin-open-source-apache-tomcat-vulnerabilities-affect-ibm-tivoli-application-dependency-discovery-manager-cve-2021-24122/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-libxslt-vulnerabilities-cve-2019-11068-cve-2019-18197/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-a-cross-site-scripting-vulnerability-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-an-openssl-vulnerability-cve-2020-1971/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-rational-application-developer-for-websphere-software/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-libexpat-vulnerabilities-cve-2018-20843-cve-2019-15903/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-a-systemd-vulnerability-cve-2019-20386/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-a-cross-site-request-forgery-vulnerability-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-have-been-identified-in-ibm-websphere-application-server-shipped-with-ibm-storediq-for-legal/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-connectdirect-web-services-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-march-2021/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-python-3/
- https://www.ibm.com/blogs/psirt/security-bulletin-google-api-client-as-used-by-ibm-qradar-siem-is-vulnerable-to-authorization-bypass-cve-2020-7692-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-with-ibm-content-navigator-component-in-ibm-business-automation-workflow-cve-2020-4687-cve-2020-4760-cve-2020-4704-2/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affects-websphere-application-server-january-2021-cpu-that-is-bundled-with-ibm-websphere-application-server-patterns/
- https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-jackson-databind-affect-ibm-spectrum-symphony/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-and-ibm-java-runtime-affect-tpf-toolkit-5/
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-oct-2020-cpu-cve-2020-14779cve-2020-14796-cve-2020-14797cve-2020-14798/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-multiple-vulnerabilities-in-java-se/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v10-is-impacted-by-insecure-communications-during-database-replication-cve-2020-4695/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-vulnerable-to-denial-of-service-dos-via-node-js-cve-2020-8277/
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connects-provider-org-registration-flow-is-vulnerable-to-impersonation-and-sensitive-information-leak-cve-2020-4903/