High Severity

Security Bulletin: Multiple Vulnerabilities in Intel Processors affect Cloud Pak System

Share this post:

Multiple Vulnerabilities in Intel Processors affect Cloud Pak System. Cloud Pak System has addressed these vulnerabilities.

CVE(s): CVE-2020-8700, CVE-2020-8670, CVE-2020-12357, CVE-2020-12358, CVE-2020-12359, CVE-2020-12360, CVE-2020-24486, CVE-2020-24511, CVE-2020-24512

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Cloud Pak System  2.3

 

Affected Node / System (s)   Component 
 System SN550   UEFI
 System SR630   UEFI
 System  X3550 M5    UEFI
x240 M5 Compute Node   UEFI

Notice. Solely SN550 and SR630 systems are affected by CVE-2020-24511 and CVE-2020-24512.

 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6569535
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203409
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203410
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203300
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203414
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203413
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203412
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203411
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203398
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203396

More stories

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022

July 1, 2022 | High Severity

In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. ...read more


Security Bulletin: Remote code execution vulnerability affect IBM Business Automation Workflow – CVE-2021-43138

July 1, 2022 | High Severity

IBM Business Automation Workflow is vulnerable to a remote code execution attack. ...read more


Security Bulletin: Vulnerabilities in Samba, OpenSSL, Python, and XStream affect IBM Spectrum Protect Plus (CVE-2021-20254, CVE-2021-3712, CVE-2021-43859, CVE-2022-0778, CVE-2020-25717, CVE-2021-23192, CVE-2021-3733)

June 30, 2022 | High Severity

Vulnerabilities in Samba, OpenSSL, Python, and XStream may affect IBM Spectrum Protect Plus. These vulnerabilities include bypassing security restrictions, obtaining sensitive information, denial of service, and elevation of privileges. ...read more