High Severity

Security Bulletin: Vulnerability in Bash affects IBM Spectrum Protect Plus (CVE-2019-9924)

Aug 31, 2020 8:03 pm EDT

Share this post:

A vulnerability in Bash could allow a remote attacker to executive arbitrary commands on the system which may affect IBM Spectrum Protect Plus.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Spectrum Protect Plus	10.1.0-10.1.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6255086

High Severity

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Thrift (CVE-2019-0205)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 8, 2021 7:00 pm EST | High Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Mar 8, 2021 7:00 pm EST | High Severity

Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported vulnerability. ...read more

Security Bulletin: Vulnerability in FasterXML Jackson libraries affect IBM Cúram Social Program Management (CVE-2020-25649)

Mar 8, 2021 7:00 pm EST | High Severity

IBM Cúram Social Program Management uses the FasterXML Jackson libraries, for which there is a publicly known vulnerability. For this vulnerability FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. ...read more

High Severity

Security Bulletin: Vulnerability in Bash affects IBM Spectrum Protect Plus (CVE-2019-9924)

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Thrift (CVE-2019-0205)

Security Bulletin: Multiple Security Vulnerabilities in Apache Struts Affect IBM Sterling File Gateway (CVE-2019-0233, CVE-2019-0230)

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4687, CVE-2020-4760, CVE-2020-4704

Mar 8, 2021 7:00 pm EST | High Severity

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Mar 8, 2021 7:00 pm EST | High Severity

Security Bulletin: Vulnerability in FasterXML Jackson libraries affect IBM Cúram Social Program Management (CVE-2020-25649)

Mar 8, 2021 7:00 pm EST | High Severity