May 3, 2022
Categorized: High Severity
Share this post:
Multiple Vulnerabilities in Intel Processors affect Cloud Pak System. Cloud Pak System has addressed these vulnerabilities.
CVE(s): CVE-2020-8700, CVE-2020-8670, CVE-2020-12357, CVE-2020-12358, CVE-2020-12359, CVE-2020-12360, CVE-2020-24486, CVE-2020-24511, CVE-2020-24512
Affected product(s) and affected version(s):
Notice. Solely SN550 and SR630 systems are affected by CVE-2020-24511 and CVE-2020-24512.
Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: https://www.ibm.com/support/pages/node/6569535 X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203409X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203410X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203300X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203414X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203413X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203412X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203411X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203398X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203396
See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering
Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts
See What's New
In addition to many updates of open source packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. ...read more
IBM Business Automation Workflow is vulnerable to a remote code execution attack. ...read more
Vulnerabilities in Samba, OpenSSL, Python, and XStream may affect IBM Spectrum Protect Plus. These vulnerabilities include bypassing security restrictions, obtaining sensitive information, denial of service, and elevation of privileges. ...read more