Security Bulletin: IBM Security Verify Password Synchronization Plug-in for Windows AD affected by multiple vulnerabilities (CVE-2021-20488, CVE-2021-20494, CVE-2021-20572, CVE-2021-20573, CVE-2021-20574)
IBM has announced a release for IBM Security Verify Password Synchronization Plug-in for Windows AD to address several security vulnerabilities. The vulnerabilities concern denial of service and account take over.
There is a vulnerability in Apache log4j used by Spark and Zookeeper that is affecting QRadar User Behavior Analytics(UBA). This has been addressed in both dependencies and UBA has been updated to the patched versions. ...read more
There are vulnerabilities in third party packages (JQuery-UI, Highcharts, datatables.net) affecting User Behavior Anaytics(UBA). UBA has been updated to the latest versions of these packages to address these vulnerabilities. ...read more