Newsletters
Abstract
Hello and welcome to the IBM Monitoring Academy Newsletter for March April 2021
In these bi-monthly newsletters we are sharing a selection of our high value content, recent updates, and any information you might missed. It is hosted here with external links within the blog so have a read.
Content
IBM Monitoring Academy Newsletter |
|
|
Link to ITCAM For Transactions Updates Section Link to ICAM/CP4MCM/ICP Updates Section Link to End of Support Section Link to New IBM/ITM Related websites Section |
Hello and Welcome to the March/April 2021 NewsletterHere are the updates we have for you for the months of March and April 2021... Please send your comments to the email address below: ksaipas@uk.ibm.com |
ITM v6
IJ30941: Tivoli Enterprise portalEP BROWSER VIEW GENERATES FAILING URL'S WHEN DOCUMENT PATHS BEGIN WITH "CLASSES" QUALIFIER..
Error description: Due to the current approach used by the TEP client to construct a valid URL based on relative document paths, if a networked device in the environment is known to the DNS (or the TEP client machine's local hosts file) using a domain name that begins with "classes", the URL construction will fail to produce the correct fully-qualified URI.
APAR Status - Open.
https://www.ibm.com/support/pages/apar/IJ30941
IJ31042: Log file AGENT ON LINUX CAN HANG AT AGENT SHUTDOWN.
Error description: The log file Agent can hang indefinitely at agent shutdown, the problem is not easily reproducible and has so far been observed only on Red Hat Linux 8
APAR Status - Open
https://www.ibm.com/support/pages/apar/IJ31042
IJ29341: ITM v6 MANAGED SYSTEM COUNT NOT EXPORTED.
Error description : Exporting followed by Importing "Managed Systems count per Managing System' graph of the Self-Monitoring Topology workspace returns a KFWITM217E Request error: SQL_CreateRequest failed, rc=350
https://www.ibm.com/support/pages/apar/IJ29341
IJ30276: ITM v6 RESTAPI IS FAILING AFTER 6.30.7 SP6.
Error description : java.lang.NoClassDefFoundError: org.apache.activemq.util.FactoryFinder when starting REST api (also known as ITMREST.ear)
https://www.ibm.com/support/pages/apar/IJ30276
IJ30290: UPLIFT ITM v6 Java RUNTIME ENVIRONMENT (JRE).
Error description :The IBM Java™ Runtime (JREs) shipped with ITM v6 will be uplifted to a more current version (7.0.10.75 or later and 8.0.6.20 or later)
https://www.ibm.com/support/pages/apar/IJ30290
IJ32190: AGENT RARELY HANGS WHEN COLLECTING LINUX FILE INFORMATION DATA.
Error description:When a situation or historical collection is collecting data for the Linux File Information attribute group, the code can rarely get into a loop resulting in the agent hanging. The agent process continues to run, however the agent is reported as offline to the TEMS/TEP and requires a the force option to stop it.
APAR Status: Open
https://www.ibm.com/support/pages/apar/IJ32190
Troubleshooting (IBM Tivoli Monitoring v6)
ITM v6 Agents / tacmd commands on AIX fail after upgrading to Service Pack 7.
Problem: After upgrading the Summarization and Pruning Agent to SP7 on AIX, the agent fails with
https://www.ibm.com/support/pages/node/6443755
Downloads/New Releases/Technotes (ITM v6 v6)
IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 7 (6.3.0.7-TIV-ITM-SP0007) has been released.
Abstract :This is a cumulative service pack for ITM v6 version 6.3.0 Fix Pack 7.
https://www.ibm.com/support/pages/node/6430629
Security Bulletin: Multiple vulnerabilities in IBM Java™ included with IBM Tivoli Monitoring.
Summary: There are several vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple ITM v6 (ITM) components. .
https://www.ibm.com/support/pages/node/6438833
Awaiting Items to add
ITCAM For Transactions v7.4
Download/New releases/Technotes (ITCAM4Tx)Agent compatibility with ITM v6 6.3.0 Fix Pack 7 Service Pack 6 (and later service packs).
This updates the Microsoft Visual C++ runtimes used for the Tivoli Enterprise Management Agents Framework (TEMA) running on Windows operating systems. Agents, which ship separate from the service pack still need to be verified and possibly rebuilt in order to correctly function with the updated framework.
https://www.ibm.com/support/pages/agent-compatibility-ibm-tivoli-monitoring-630-fix-pack-7-service-pack-6-and-later-service-packs.
Why I can't see any transaction monitoring results in Tivoli Enterprise Portal GUI after a robotic RFT test script playback on RRTA agent?.
Question : Why I can't see any monitoring data displayed in IBM Tivoli Enterprise Portal GUI console, after a robotic Rational Functional Tester test script has been played back successfully on a Robotic Response Time (t6) agent?.
https://www.ibm.com/support/pages/node/6430195.
IBM Tivoli Composite Application Manager for Transactions Response Time 7.4.0.1 Interim Fix 52.
Readme file for: 7.4.0.1-TIV-CAMRT-IF0052
Product/Component Release: 7.4.0.1
Update Name: 7.4.0.1-TIV-CAMRT-IF0052
Fix ID: 7.4.0.1-TIV-CAMRT-AIX-IF0052, 7.4.0.1-TIV-CAMRT-LINUX-IF0052, 7.4.0.1-TIV-CAMRT-WINDOWS-IF0052
Publication Date: 1 Apr 2021
Last modified date: 1 Apr 2021
Description: This IFIX contains Java update for IBM SDK, Java™ Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU plus CVE-2020-27221. .
https://www.ibm.com/support/pages/node/6437889.
Security Bulletins (ITCAM4Tx)
No publication
APM v8
Troubleshooting (APM)Individual users in APM Role Based Access Control cannot be listed.
Question :Individual users in APM Role Based Access Control cannot be listed but Groups can be listed. .
https://www.ibm.com/support/pages/node/6441007
IBM Application Performance Management 8.1.4 8.1.4.0-IBM-APM-SERVER-IF0010.
Abstract: Readme file for: IBM Cloud Application Performance Management Private, Version 8.1.4.0 Server Interim Fix 10 Product/Component Release: 8.1.4 Update Name: 8.1.4.0-IBM-APM-SERVER-IF0010 Fix ID: 8.1.4.0-IBM-APM-SERVER-IF0010
Publication Date: 31 March 2020
Last modified date: 3 March 2021.
https://www.ibm.com/support/pages/node/6120993
IBM Application Performance Management 8.1.4 8.1.4.0-IBM-APM-SERVER-IF0011.
Abstract: Product/Component Release: 8.1.4Update Name: 8.1.4.0-IBM-APM-SERVER-IF0011 Fix ID: 8.1.4.0-IBM-APM-SERVER-IF0011
Publication Date: 18 February 2021
Last modified date: 3 March 2021
https://www.ibm.com/support/pages/node/6415935
IBM APM agents 8.1.4.0.14.
Question : What are the versions of agents included in IBM Application Performance Management agents refresh package version 8.1.4.0.14?
https://www.ibm.com/support/pages/node/6424537
IBM APM 8.1 GUI console - Synthetic Script Editor - Save transaction button inactive.
Question : Why can't I save a new synthetic transaction using APM UI Synthetic Script Editor? The 'Save Transaction' button is greyed out?
https://www.ibm.com/support/pages/node/6427611
APM 8.1 - Versions of Firefox ESR supported by the Synthetic Playback Agent.
Question :What version of Firefox is supported by the IBM Cloud Application Performance Management - Synthetic Playback Agent?
https://www.ibm.com/support/pages/node/6217823
IBM Application Performance Management 8.1.4.0 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013.
Readme file for: Synthetic Playback Agent for IBM Cloud Application Performance Management 8.1.4.0 Interim Fix 13
Product/Component Release: 8.1.4
Update Name: 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013
Fix ID: 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013
Publication Date: 10 MAR 2020
Last modified date: 16 MAR 2020
https://www.ibm.com/support/pages/node/6427923
IBM Application Performance Management 8.1.4 Instana Integration Technical Preview Readme.
Readme file for: IBM Cloud Application Performance Management Private, Version 8.1.4.0 Instana Integration Technical Preview
Product/Component Release: 8.1.4
Publication Date: 30 MAR 2021
Last modified date: 30 MAR 2021
https://www.ibm.com/support/pages/node/6426717
Linux disk space less than situation.
Question :Why is my Linux disk space situation with less than percent is not working correctly?
https://www.ibm.com/support/pages/node/6440465
Individual users in APM Role Based Access Control cannot be listed.
Question :Why is individual users in APM Role Based Access Control cannot be listed but Groups can be listed ?
https://www.ibm.com/support/pages/node/6441007
8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021.
Abstract: IBM Application Performance Management 8.1.4.0 core framework IF21 (8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021)
Update Name/Fix ID: 8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021
This Core Framework patch works for both APM (IBM Cloud Application Performance Management) and ICAM (IBM Cloud App Management)
https://www.ibm.com/support/pages/node/6440899
IJ31847: APM UI CLICKJACKING VULNERABILITY.
Error description:
The X-Frame-Options or Content-Security-Policy headers are not available in the response for GET requests to
https://apm-server:9443/secured or
https://apm-server:9443/unsecured when the HTTP response code is 200. This request may be vulnerable to Clickjacking.
APAR Status - Open
https://www.ibm.com/support/pages/apar/IJ31847
Change History of Monitoring Agent for RabbitMQ.
https://www.ibm.com/support/pages/node/879931
Change History of Monitoring Agent for MariaDB.
https://www.ibm.com/support/pages/node/1103661
Change History of Monitoring Agent for Microsoft.NET.
https://www.ibm.com/support/pages/node/880157
Change History of Monitoring Agent for SAP Applications.
https://www.ibm.com/support/pages/node/879867
Change History of Monitoring Agent for Hadoop.
https://www.ibm.com/support/pages/node/879883
IJ32132: APM RZ AGENT CRASHES ON SOLARIS SPARC.
Error description: Not able to get database down alert reported by Oracle agent.
APAR Status: Open
https://www.ibm.com/support/pages/apar/IJ32132
Download/New releases/Technotes (APM)
Need to have APM OS agent run as a different user.
Summary: Customer does not want the agent to run as root. He needs the agent to run as a non-root user. When he changes it to a non-root user the agent will not start. Issue seems to be a permissions and credentials issue.
https://www.ibm.com/support/pages/node/6414651
Does the APM agent access the database on the APM Server.
https://www.ibm.com/support/pages/node/6414673
DB2 Agent high CPU usage.
Question : Is the APM agent causing high CPU usage on the servers?
https://www.ibm.com/support/pages/node/6414683
Change History of Monitoring Agent for VMware VI.
Abstract : Change History of Monitoring Agent for VMware VI
https://www.ibm.com/support/pages/node/880169
Change History of Monitoring Agent for Linux KVM.
Abstract : Change History of Monitoring Agent for Linux KVM
https://www.ibm.com/support/pages/change-history-monitoring-agent-linux-kvm
What's new for the March 2021 refresh of V8.1.4.0.15.
New features, capabilities, and coverage are available in the latest release.
https://www.ibm.com/docs/en/capmp/8.1.4?topic=whats-new
Security Bulletins (APM)
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26951) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressing vulnerabilities.
https://www.ibm.com/support/pages/node/6417173
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-15683) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15683, CVE-2020-15969.
https://www.ibm.com/support/pages/node/6417179?
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26950) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-26950
https://www.ibm.com/support/pages/node/6417181
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26950) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673.
https://www.ibm.com/support/pages/node/6417177
Multiple vulnerabilities in IBM Java™ Runtime affect APM CoreFramework (March 2021).
Summary: There are multiple vulnerabilities in APM CoreFramework. APM CoreFramework has addressed the applicable CVEs. Please use 8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021.
https://www.ibm.com/support/pages/node/6440905
ICAM/CP4MCM/IBM Cloud Private (ICP)
Change History of Monitoring Agent for CouchDB.
https://www.ibm.com/support/pages/node/4634517
Change History of Monitoring Agent for Microsoft SharePoint Server.
https://www.ibm.com/support/pages/node/880225
Waiting Items to be added!
Download/New releases/Technotes (ICP/ICAM)
Waiting Items to be added!
Security Bulletins (ICP)
A Security Vulnerability affects IBM Cloud Private - OpenSSL (CVE-2019-1551).
Summary: Vulnerability Details CVEID: CVE-2019-1551
https://www.ibm.com/support/pages/security-bulletin-security-vulnerability-affects-ibm-cloud-private-openssl-cve-2019-1551-0
IBM Cloud Private is vulnerable to a Node.js lodash vulnerability (CVEID: 183560).
Summary: Node.js lodash module denial of service
https://www.ibm.com/support/pages/node/6338463
IBM Cloud Private is vulnerable to cURL vulnerabilities (CVE-2020-8169, CVE-2020-8177).
DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to correctly URL encode the credential data when set using an curl_easy_setopt option.
https://www.ibm.com/support/pages/node/6417375
IBM Cloud Private is vulnerable to etcd vulnerabilities (CVE-2020-15106, CVE-2020-15112, CVE-2020-15113).
DESCRIPTION: etcd is vulnerable to a denial of service, caused by improper data validation in the decodeRecord method.
https://www.ibm.com/support/pages/node/6417459
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-15586).
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a data race in some net/http servers.
https://www.ibm.com/support/pages/node/6417431
IBM Cloud Private is vulnerable to Kubernetes vulnerabilities.
DESCRIPTION: Kubernetes is vulnerable to server-side request forgery, caused by a flaw in the kube-controller-manager.
https://www.ibm.com/support/pages/node/6417467
IBM Cloud Private is vulnerable to Helm vulnerabilities (CVE-2020-15187, CVE-2020-15186, CVE-2020-15185, CVE-2020-15184).
DESCRIPTION: Helm could allow a remote authenticated attacker to bypass security restrictions, caused by an issue with containing duplicates of the same entry in the plugin.yaml file.
https://www.ibm.com/support/pages/node/6417481
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-16845).
DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary.
https://www.ibm.com/support/pages/node/6417463
IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590).
DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client.
https://www.ibm.com/support/pages/node/6417479
IBM Cloud Private is vulnerable to a MongoDB vulnerability (CVE-2020-7923).
DESCRIPTION: MongoDB is vulnerable to a denial of service, caused by a flaw in geoNear invariant.
https://www.ibm.com/support/pages/node/6417473
IBM Cloud Private is vulnerable to a Java vulnerability (CVE-2020-14782).
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
https://www.ibm.com/support/pages/node/6417493
IBM Cloud Private is vulnerable to Node.js vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251).
DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion.
https://www.ibm.com/support/pages/node/6417485
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-28362).
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation by the math/big.Int methods.
https://www.ibm.com/support/pages/node/6417495
IBM Cloud Private is vulnerable to Java vulnerabilities (CVE-2020-14792, CVE-2020-14797, CVE-2020-14781, CVE-2020-14779, CVE-2020-14798, CVE-2020-14796).
DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
https://www.ibm.com/support/pages/node/6417491
IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564).
DESCRIPTION: Kubernetes could allow a local authenticated attacker to obtain sensitive information, caused by a flaw when Ceph RBD volumes are supported and kube-controller-manager is using logLevel >= 4.
https://www.ibm.com/support/pages/node/6417487
IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7926, CVE-2020-7925, CVE-2020-7928.
DESCRIPTION: MongoDB Server is vulnerable to a denial of service. By sending specially-crafted queries, a remote authenticated attacker could exploit this vulnerability to cause the system to crash.
https://www.ibm.com/support/pages/node/6417497
IBM Cloud Private is vulnerable to a Python vulnerability (CVE-2020-25659).
DESCRIPTION: python-cryptography could allow a remote attacker to obtain sensitive information, caused by a Bleichenbacher timing attack.
https://www.ibm.com/support/pages/node/6417499
[Out of support (EOS) products and versions Content].
https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS919-196&appname=USN
[New IBM/ITM Related websites Section].
Coming Soon!Product Synonym
APM;ITM;ITCAM;ITCAM4TX;
Was this topic helpful?
Document Information
Modified date:
30 December 2022
UID
ibm16417023