الوصف
IBM has released security updates to address several vulnerabilities in several products:
- IBM SPSS Modeler
- IBM Cloud Pak System
التهديدات
Attacker could exploit these vulnerabilities by doing the following:
Execute arbitrary code remotely
Unauthorized disclosure of information
Denial of service attack (DoS)
Buffer overflow
Execute arbitrary code remotely
Unauthorized disclosure of information
Denial of service attack (DoS)
Buffer overflow
أفضل الممارسات والتوصيات:
The CERT team encourages users to review IBM security advisory and apply the necessary updates:
https://www.ibm.com/blogs/psirt/security-bulletin-apache-commons-configuration-vulnerability-affects-ibm-spss-modeler-cve-2022-33980/
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-expat-glibc-http-server-dojo-openssl-shipped-with-ibm-cloud-pak-system/
https://www.ibm.com/blogs/psirt/security-bulletin-apache-commons-configuration-vulnerability-affects-ibm-spss-modeler-cve-2022-33980/
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-expat-glibc-http-server-dojo-openssl-shipped-with-ibm-cloud-pak-system/