Medium Severity

Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).

Sep 19, 2020 8:00 pm EDT

Share this post:

NTP (Network Time Protocol) used to synchronize the time on your Power Hardware Management Console (HMC) with a centralized NTP server. HMC has addressed the applicable CVEs.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
HMC V9.1.910.0	V9.1.910.0 and later

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6335051

Medium Severity

Security Bulletin: Denial of Service with HTTP/2 in IBM DataPower Gateway (CVE-2020-4579)

Search Posts

Resources

Feed for PSIRT Blog Posts

IBM Product Security Vulnerabilities

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Learn More

IBM Product Support Portal

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

See What's New

Helpful Information

Security Bulletin: Cross-Site Scripting Security Vulnerability Affects IBM Sterling B2B Integrator Standard Edition ( CVE-2020-4564)

Oct 19, 2020 8:01 pm EDT | Medium Severity

IBM Sterling B2B Integrator Standard Edition has addressed XSS security vulnerability. ...read more

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where an unprivileged local user may cause a denial of service ( CVE-2020-4411)

Oct 19, 2020 8:01 pm EDT | Medium Severity

A security vulnerability has been identified in all levels of IBM Spectrum Scale that could allow a local attacker to cause a denial of service. A fix for this vulnerability is available. ...read more

Security Bulletin: IBM Elastic Storage System 3000 is affected by weak cryptographic algorithm (CVE-2020-4350)

Oct 19, 2020 8:00 pm EDT | Medium Severity

A security vulnerability has been identified in all levels of IBM Elastic Storage System 3000 GUI. A fix for this vulnerability is available. ...read more

Medium Severity

Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).

Security Bulletin: Denial of Service with HTTP/2 in IBM DataPower Gateway (CVE-2020-4579)

Security Bulletin: Vulnerability in bind (CVE-2020-8616 and CVE-2020-8617).

Search Posts

Archives

Resources

IBM Product Security Vulnerabilities

IBM Product Support Portal

Helpful Information

Security Bulletin: Cross-Site Scripting Security Vulnerability Affects IBM Sterling B2B Integrator Standard Edition ( CVE-2020-4564)

Oct 19, 2020 8:01 pm EDT | Medium Severity

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where an unprivileged local user may cause a denial of service ( CVE-2020-4411)

Oct 19, 2020 8:01 pm EDT | Medium Severity

Security Bulletin: IBM Elastic Storage System 3000 is affected by weak cryptographic algorithm (CVE-2020-4350)

Oct 19, 2020 8:00 pm EDT | Medium Severity