Your review has been sent successfully

IBM Updates

2947
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

2 March, 2020

● High

2020-981

All

Description:

IBM has released security updates to address vulnerabilities in the following products:

  • IBM Security Information Queue (ISIQ)
  • NGINX
    • IBM Aspera Shares
  • Mozzila Firefox
    • APM AM
    • BAM 1.0
    • APM SaaS
    • APM on-premise
    • ICAM
  • TensorFlow
    • Watson Machine Learning Community Edition
    • IBM PowerAI
  • SQLite
    • Watson Machine Learning Community Edition
    • IBM PowerAI
    • ITCAM for Transactions
  • OpenSLL
    • G8264
    • G8316
    • G8052
    • G8264
    • G8332
    • G8124/G8124E
    • G8264T
    • G8124/G8124E
    • G8264CS_SI
    • G8264CS
    • IBM Aspera Faspex
    • IBM Aspera Console
    • IBM Aspera Orchestrator
    • IBM Flex System EN2092 1Gb Ethernet Scalable Switch
    • IBM Flex System Fabric SI4093 GbFSIM 10Gb ScSw
    • IBM Flex System Fabric EN4093/EN4093R 10Gb Scalable Switch
    • IBM Flex System CN4093 10Gb Converged Scalable Switch
  • NGINX
    • IBM Aspera Shares
  • WebSphere Application Server
    • Jazz for Service Management
    • IBM Operations Analytics Predictive Insights
    • IBM Spectrum Control (formerly Tivoli Storage Productivity Center)
    • IBM MobileFirst Platform Foundation
  • Python
    • IBM Operations Analytics Predictive Insights
  • netty
    • IBM Operations Analytics Predictive Insights
    • Spectrum Control
  • IBM MQ Console and REST API
    • IBM MQ
  • IBM Java SDK
    • IBM Tivoli System Automation for Multiplatforms
    • IBM Spectrum Control (formerly Tivoli Storage Productivity Center)
  • Apache ActiveMQ Client
    • Jazz for Service Management
  • libcurl
    • IBM Integrated Management Module II (IMM2) for System x and Flex
    • IBM Integrated Management Module II (IMM2) for BladeCenter
  • IBM Java Runtime
    • Financial Transaction Manager for Check Services for Multi-Platform
  • Apache Log4j
    • IBM Spectrum Control (formerly Tivoli Storage Productivity Center)
  • Websphere Liberty and OpenLiberty
    • IBM MobileFirst Platform Foundation
    • IBM MobileFirst Foundation
  • Node.js
    • IBM Spectrum Control (formerly Tivoli Storage Productivity Center)
  • TCP
    • IBM Integrated Management Module II (IMM2) for System x and Flex
    • IBM Integrated Management Module II (IMM2) for BladeCenter
  • Apache HTTP Server
    • IBM Security SiteProtector System
  • WAS Liberty
    • IBM MobileFirst Platform Foundation

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Sensitive information disclosure
  • Execute arbitrary code –remotely
  • Denial of service attack (DoS)
  • Application crash
  • Buffer overflow

Best practice and Recommendations:

The CERT team encourages users to review IBM security advisory and apply the necessary updates:

Last updated at 2 March, 2020

Rate the content

rate-icon
up icon