Newsletters
Abstract
Hello and welcome to the IBM Monitoring Academy Newsletter for March April 2021.
In these bi-monthly newsletters we are sharing a selection of our high value content and recent updates.
Content
IBM Monitoring Academy Newsletter |
|
Link to ITCAM For Transactions Updates Section Link to ICP/ICAM/CP4MCM Updates Section Link to End of Support Section Link to New IBM/ITM Related websites Section |
Hello and Welcome to the March/April 2021 NewsletterHere are the updates we have for you for the months of March and April 2021... Archives at www.ibm.com/support/pages/node/6415769 |
IBM Tivoli Monitoring v6
IJ30941: Tivoli Enterprise Portal BROWSER VIEW GENERATES FAILING URL'S WHEN DOCUMENT PATHS BEGIN WITH "CLASSES" QUALIFIER.
Error description: Due to the current approach used by the Tivoli Enterprise Portal client to construct a valid URL based on relative document paths, if a networked device in the environment is known to the DNS (or the TEP client machine's local hosts file) that uses a domain name that begins with "classes", the URL construction will fail to produce the correct fully qualified URI.
APAR Status - Open.
https://www.ibm.com/support/pages/apar/IJ30941
IJ31042: log file AGENT ON LINUX CAN HANG AT AGENT SHUTDOWN.
Error description: The log file Agent can hang indefinitely at agent shutdown. The problem is not easily reproducible and has so far been observed only on Red Hat Linux 8
APAR Status - Open
https://www.ibm.com/support/pages/apar/IJ31042
IJ29341: IBM Tivoli Monitoring v6 MANAGED SYSTEM COUNT NOT EXPORTED.
Error description: Exporting followed by Importing "Managed Systems count per Managing System' graph of the Self-Monitoring Topology workspace returns a KFWITM217E Request error: SQL_CreateRequest failed, rc=350
https://www.ibm.com/support/pages/apar/IJ29341
IJ30276: IBM Tivoli Monitoring v6 RESTAPI IS FAILING AFTER 6.30.7 SP6.
Error description: java.lang.NoClassDefFoundError: org.apache.activemq.util.FactoryFinder when starting REST api (also known as ITMREST.ear)
https://www.ibm.com/support/pages/apar/IJ30276
IJ30290: UPLIFT IBM Tivoli Monitoring v6 Java RUNTIME ENVIRONMENT (JRE).
Error description: The IBM Java™ Runtime (JREs) shipped with IBM Tivoli Monitoring v6 will be uplifted to a more current version (7.0.10.75 or later and 8.0.6.20 or later)
https://www.ibm.com/support/pages/apar/IJ30290
IJ32190: AGENT RARELY HANGS WHEN COLLECTING LINUX FILE INFORMATION DATA.
Error description: When a situation or historical collection is collecting data for the Linux File Information attribute group, the code can rarely get into a loop resulting in the agent hanging. The agent process continues to run, however the agent is reported as offline to the TEMS/TEP and requires a the force option to stop it.
APAR Status: Open
https://www.ibm.com/support/pages/apar/IJ32190
Troubleshooting (IBM Tivoli Monitoring v6)
IBM Tivoli Monitoring v6 Agents / tacmd commands on AIX fail after upgrading to Service Pack 7.
Problem: After upgrading the Summarization and Pruning Agent to SP7 on AIX, the agent fails withhttps://www.ibm.com/support/pages/node/6443755
tacmd updateagent to SP6 fails on WINDOWS OS Agents.
Problem: When attempting to upgrade WINDOWS OS agents to SP6, the upgrade fails and the Agent remains offline.
https://www.ibm.com/support/pages/node/6447079
Downloads/New Releases/Technotes (IBM Tivoli Monitoring v6)
IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 7 (6.3.0.7-TIV-ITM-SP0007) is now released.
Abstract :This is a cumulative service pack for IBM Tivoli Monitoring v6 version 6.3.0 Fix Pack 7.
https://www.ibm.com/support/pages/node/6430629
Security Bulletin: Multiple vulnerabilities in IBM Java™ included with IBM Tivoli Monitoring.
Summary: There are several vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring v6 (ITM) components. .
https://www.ibm.com/support/pages/node/6438833
ITCAM For Transactions v7.4
Download/New releases/Technotes (ITCAM4Tx)Agent compatibility with IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 6 (and later service packs).
This updates the Microsoft Visual C++ runtimes used for the Tivoli Enterprise Management Agents Framework (TEMA) running on Windows operating systems. Agents, which ship separate from the service pack still need to be verified and possibly rebuilt in order to correctly function with the updated framework.
https://www.ibm.com/support/pages/agent-compatibility-ibm-tivoli-monitoring-630-fix-pack-7-service-pack-6-and-later-service-packs.
Why I can't see any transaction monitoring results in Tivoli Enterprise Portal GUI after a robotic Rational Functional Tester test script playback on RRTA agent.
Question: Why I can't see any monitoring data displayed in IBM Tivoli Enterprise Portal GUI console, after a robotic Rational Functional Tester test script has been played back successfully on a Robotic Response Time (t6) agent.
https://www.ibm.com/support/pages/node/6430195.
IBM Tivoli Composite Application Manager for Transactions Response Time 7.4.0.1 interim fix 52.
Readme file for: 7.4.0.1-TIV-CAMRT-IF0052
Product/Component Release: 7.4.0.1
Update Name: 7.4.0.1-TIV-CAMRT-IF0052
Fix ID: 7.4.0.1-TIV-CAMRT-AIX-IF0052, 7.4.0.1-TIV-CAMRT-LINUX-IF0052, 7.4.0.1-TIV-CAMRT-WINDOWS-IF0052
Publication Date: 1 Apr 2021
Last modified date: 1 Apr 2021
Description: This interim fix contains Java update for IBM SDK, Java™ Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU plus CVE-2020-27221. .
https://www.ibm.com/support/pages/node/6437889.
Security Bulletins (ITCAM4Tx)
APM v8
Troubleshooting (APM)Individual users in APM Role Based Access Control cannot be listed.
Question: Individual users in APM Role Based Access Control cannot be listed but Groups can be listed.
https://www.ibm.com/support/pages/node/6441007
IBM Application Performance Management 8.1.4 8.1.4.0-IBM-APM-SERVER-IF0010.
Abstract: Readme file for: IBM Cloud Application Performance Management Private, Version 8.1.4.0 Server interim fix 10 Product/Component Release: 8.1.4 Update Name: 8.1.4.0-IBM-APM-SERVER-IF0010 Fix ID: 8.1.4.0-IBM-APM-SERVER-IF0010
Publication Date: 31 March 2020
Last modified date: 3 March 2021.
https://www.ibm.com/support/pages/node/6120993
IBM Application Performance Management 8.1.4 8.1.4.0-IBM-APM-SERVER-IF0011.
Abstract: Product/Component Release: 8.1.4Update Name: 8.1.4.0-IBM-APM-SERVER-IF0011 Fix ID: 8.1.4.0-IBM-APM-SERVER-IF0011
Publication Date: 18 February 2021
Last modified date: 3 March 2021
https://www.ibm.com/support/pages/node/6415935
IBM APM agents 8.1.4.0.14.
Question: What are the versions of agents included in IBM Application Performance Management agents refresh package version 8.1.4.0.14?
https://www.ibm.com/support/pages/node/6424537
IBM APM 8.1 GUI console - Synthetic Script Editor - Save transaction button inactive.
Question: Why can't I save a new synthetic transaction using APM UI Synthetic Script Editor? The 'Save Transaction' button is disabled?
https://www.ibm.com/support/pages/node/6427611
APM 8.1 - Versions of Firefox ESR supported by the Synthetic Playback Agent.
Question: What version of Firefox is supported by the IBM Cloud Application Performance Management - Synthetic Playback Agent?
https://www.ibm.com/support/pages/node/6217823
IBM Application Performance Management 8.1.4.0 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013.
Readme file for: Synthetic Playback Agent for IBM Cloud Application Performance Management 8.1.4.0 interim fix 13
Product/Component Release: 8.1.4
Update Name: 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013
Fix ID: 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0013
Publication Date: 10 MAR 2020
Last modified date: 16 MAR 2020
https://www.ibm.com/support/pages/node/6427923
IBM Application Performance Management 8.1.4 Instana Integration Technical Preview readme.
Readme file for: IBM Cloud Application Performance Management Private, Version 8.1.4.0 Instana Integration Technical Preview
Product/Component Release: 8.1.4
Publication Date: 30 MAR 2021
Last modified date: 30 MAR 2021
https://www.ibm.com/support/pages/node/6426717
Linux disk space less than situation.
Question: Why is my Linux disk space situation with less than percent is not working correctly?
https://www.ibm.com/support/pages/node/6440465
Individual users in APM Role Based Access Control cannot be listed.
Question: Why is individual users in APM Role Based Access Control cannot be listed but Groups can be listed?
https://www.ibm.com/support/pages/node/6441007
8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021.
Abstract: IBM Application Performance Management 8.1.4.0 core framework IF21 (8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021)
Update Name/Fix ID: 8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021
This Core Framework patch works for both APM (IBM Cloud Application Performance Management) and ICAM (IBM Cloud App Management)
https://www.ibm.com/support/pages/node/6440899
IJ31847: APM UI CLICK JACKING VULNERABILITY.
Error description:
The X-Frame-Options or Content-Security-Policy headers are not available in the response for GET requests to
https://apm-server:9443/secured or
https://apm-server:9443/unsecured when the HTTP response code is 200. This request may be vulnerable to Click jacking.
APAR Status - Open
https://www.ibm.com/support/pages/apar/IJ31847
Change History of Monitoring Agent for RabbitMQ.
https://www.ibm.com/support/pages/node/879931
Change History of Monitoring Agent for MariaDB.
https://www.ibm.com/support/pages/node/1103661
Change History of Monitoring Agent for Microsoft.NET.
https://www.ibm.com/support/pages/node/880157
Change History of Monitoring Agent for SAP Applications.
https://www.ibm.com/support/pages/node/879867
Change History of Monitoring Agent for Hadoop.
https://www.ibm.com/support/pages/node/879883
IJ32132: APM RZ AGENT CRASHES ON SOLARIS SPARC.
Error description: Not able to get database down alert reported by Oracle agent.
APAR Status: Open
https://www.ibm.com/support/pages/apar/IJ32132
Download/New releases/Technotes (APM)
Need to have APM OS agent run as a different user.
Summary: Customer does not want the agent to run as root. He needs the agent to run as a non-root user. When he changes it to a non-root user the agent will not start. Issue seems to be a permissions and credentials issue.
https://www.ibm.com/support/pages/node/6414651
Does the APM agent access the database on the APM Server.
https://www.ibm.com/support/pages/node/6414673
DB2 Agent high CPU usage.
Question: Is the APM agent causing high CPU usage on the servers?
https://www.ibm.com/support/pages/node/6414683
Change History of Monitoring Agent for VMware VI.
Abstract: Change History of Monitoring Agent for VMware VI
https://www.ibm.com/support/pages/node/880169
Change History of Monitoring Agent for Linux KVM.
Abstract: Change History of Monitoring Agent for Linux KVM
https://www.ibm.com/support/pages/change-history-monitoring-agent-linux-kvm
What's new for the March 2021 refresh of V8.1.4.0.15?
New features, capabilities, and coverage are available in the latest release.
https://www.ibm.com/docs/en/capmp/8.1.4?topic=whats-new
Security Bulletins (APM)
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26951) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressing vulnerabilities.
https://www.ibm.com/support/pages/node/6417173
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-15683) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15683, CVE-2020-15969.
https://www.ibm.com/support/pages/node/6417179?
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26950) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-26950
https://www.ibm.com/support/pages/node/6417181
Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26950) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF12 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673.
https://www.ibm.com/support/pages/node/6417177
Multiple vulnerabilities in IBM Java™ Runtime affect APM CoreFramework (March 2021).
Summary: There are multiple vulnerabilities in APM CoreFramework. APM CoreFramework has addressed the applicable CVEs. Please use 8.1.4.0-IBM-APM-CORE-FRAMEWORK-IF0021.
https://www.ibm.com/support/pages/node/6440905
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2020-16044) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-16044.
https://www.ibm.com/support/pages/node/6447465
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2021-23954) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2021-23954, CVE-2021-23960, CVE-2021-23964, CVE-2021-23953.
https://www.ibm.com/support/pages/node/6447467
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2021-23987) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2021-23987, CVE-2021-23982, CVE-2021-23981, CVE-2021-23984.
https://www.ibm.com/support/pages/node/6447457
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2021-23978) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2021-23978, CVE-2021-23968, CVE-2021-23969, CVE-2021-23973.
https://www.ibm.com/support/pages/node/6447459
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2020-26974) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + ICAM2019.3.0 - 2020.2.0.
Summary: Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-26974, CVE-2020-35111, CVE-2020-26973, CVE-2020-26978, CVE-2020-26971, CVE-2020-35112, CVE-2020-35113.
https://www.ibm.com/support/pages/node/6447455
ICP/ICAM/CP4MCM
Download/New releases/Technotes (ICP/ICAM/CP4MCM)
Change History of Monitoring Agent for Microsoft SharePoint Server.
https://www.ibm.com/support/pages/node/880225
Security Bulletins (ICP/ICAM/CP4MCM)
A Security Vulnerability affects IBM Cloud Private - OpenSSL (CVE-2019-1551).
Summary: Vulnerability Details CVEID: CVE-2019-1551
https://www.ibm.com/support/pages/security-bulletin-security-vulnerability-affects-ibm-cloud-private-openssl-cve-2019-1551-0
IBM Cloud Private is vulnerable to a Node.js lodash vulnerability (CVEID: 183560).
Summary: Node.js lodash module denial of service
https://www.ibm.com/support/pages/node/6338463
IBM Cloud Private is vulnerable to cURL vulnerabilities (CVE-2020-8169, CVE-2020-8177).
DESCRIPTION: cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to correctly URL encode the credential data when set using an curl_easy_setopt option.
https://www.ibm.com/support/pages/node/6417375
IBM Cloud Private is vulnerable to etcd vulnerabilities (CVE-2020-15106, CVE-2020-15112, CVE-2020-15113).
DESCRIPTION: etcd is vulnerable to a denial of service, caused by improper data validation in the decodeRecord method.
https://www.ibm.com/support/pages/node/6417459
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-15586).
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a data race in some net/http servers.
https://www.ibm.com/support/pages/node/6417431
IBM Cloud Private is vulnerable to Kubernetes vulnerabilities.
DESCRIPTION: Kubernetes is vulnerable to server-side request forgery, caused by a flaw in the kube-controller-manager.
https://www.ibm.com/support/pages/node/6417467
IBM Cloud Private is vulnerable to Helm vulnerabilities (CVE-2020-15187, CVE-2020-15186, CVE-2020-15185, CVE-2020-15184).
DESCRIPTION: Helm could allow a remote authenticated attacker to bypass security restrictions, caused by an issue with containing duplicates of the same entry in the plugin.yaml file.
https://www.ibm.com/support/pages/node/6417481
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-16845).
DESCRIPTION: Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary.
https://www.ibm.com/support/pages/node/6417463
IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590).
DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client.
https://www.ibm.com/support/pages/node/6417479
IBM Cloud Private is vulnerable to a MongoDB vulnerability (CVE-2020-7923).
DESCRIPTION: MongoDB is vulnerable to a denial of service, caused by a flaw in geoNear invariant.
https://www.ibm.com/support/pages/node/6417473
IBM Cloud Private is vulnerable to a Java vulnerability (CVE-2020-14782).
DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
https://www.ibm.com/support/pages/node/6417493
IBM Cloud Private is vulnerable to Node.js vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251).
DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion.
https://www.ibm.com/support/pages/node/6417485
IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-28362).
DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation by the math/big.Int methods.
https://www.ibm.com/support/pages/node/6417495
IBM Cloud Private is vulnerable to Java vulnerabilities (CVE-2020-14792, CVE-2020-14797, CVE-2020-14781, CVE-2020-14779, CVE-2020-14798, CVE-2020-14796).
DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
https://www.ibm.com/support/pages/node/6417491
IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564).
DESCRIPTION: Kubernetes could allow a local authenticated attacker to obtain sensitive information, caused by a flaw when Ceph RBD volumes are supported and kube-controller-manager is using logLevel >= 4.
https://www.ibm.com/support/pages/node/6417487
IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7926, CVE-2020-7925, CVE-2020-7928.
DESCRIPTION: MongoDB Server is vulnerable to a denial of service. By sending specially-crafted queries, a remote authenticated attacker could exploit this vulnerability to cause the system to crash.
https://www.ibm.com/support/pages/node/6417497
IBM Cloud Private is vulnerable to a Python vulnerability (CVE-2020-25659).
DESCRIPTION: python-cryptography could allow a remote attacker to obtain sensitive information, caused by a Bleichenbacher timing attack.
https://www.ibm.com/support/pages/node/6417499
[Out of support (EOS) products and versions Content].
https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS919-196&appname=USN
[New IBM/ITM Related websites Section].
Your Guide to Expanding APM into Observability.
Learn how IBM Observability with Instana delivers powerful, automated enterprise observability to not only monitor individual systems and contextualize data about them, but also correlate interactions between discrete applications and systems across your entire IT environment.
https://community.ibm.com/HigherLogic/System/DownloadDocumentFile.ashx?DocumentFileKey=ef773adc-81f4-5bfa-f03d-7755c3795300&forceDialog=0
Product Synonym
ITMv6;ITM;APMv8;APM;ITCAM;ITCAMForTx;ITCAMv7;ICP;OCP;
Was this topic helpful?
Document Information
Modified date:
30 December 2022
UID
ibm16446241