TR-21-0453 (IBM Güvenlik Bülteni Yayınladı)

Genel Bilgi

IBM, farklı ürünlerini etkileyen zafiyetler için bülten yayınladı.

Etki

Mevcut güvenlik açıklıkları nedeniyle siber saldırganların zafiyetleri kullanarak saldırılarını gerçekleştirmeleri ihtimal dâhilindedir. Zafiyetlerin CVE kodları aşağıdaki gibidir:

CVE-2020-2773, CVE-2020-14803, CVE-2021-24342, CVE-2021-24343, CVE-2021-24344, CVE-2020-14845, CVE-2020-14828, CVE-2020-14848, CVE-2020-14866, CVE-2020-14844, CVE-2020-14829, CVE-2020-14839, CVE-2020-14861, CVE-2020-14830, CVE-2020-14836, CVE-2020-14827, CVE-2020-14821, CVE-2020-14852, CVE-2020-14846, CVE-2020-14853, CVE-2020-14837, CVE-2020-14812, CVE-2020-14838, CVE-2020-14878, CVE-2020-14860, CVE-2020-14814, CVE-2020-25705, CVE-2020-28374, CVE-2020-4952, CVE-2020-36185, CVE-2020-36181, CVE-2020-36189, CVE-2020-36188, CVE-2020-36184, CVE-2020-36180, CVE-2020-36183, CVE-2020-36179, CVE-2020-36187, CVE-2020-36186, CVE-2020-36182, CVE-2021-20190, CVE-2020-25649, CVE-2020-15095, CVE-2020-8116, CVE-2020-8201, CVE-2020-8252, CVE-2020-14779, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2021-2208, CVE-2021-2217, CVE-2021-2212, CVE-2021-2202, CVE-2021-2201, CVE-2021-2226, CVE-2021-2213, CVE-2021-2203, CVE-2021-2215, CVE-2021-2230, CVE-2021-2232, CVE-2021-2178, CVE-2021-2166, CVE-2021-2160, CVE-2021-2169, CVE-2021-2170, CVE-2021-2154, CVE-2021-2162, CVE-2021-2278, CVE-2021-2301, CVE-2021-2172, CVE-2021-2171, CVE-2021-2146, CVE-2021-2300, CVE-2021-2164, CVE-2021-2298, CVE-2021-2299, CVE-2021-2293, CVE-2021-2174, CVE-2021-2180, CVE-2021-2179, CVE-2021-2307, CVE-2021-2193, CVE-2021-2196, CVE-2021-2194, CVE-2020-14782, CVE-2021-20517 ve CVE-2018-18751

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM) kullanıcı ve sistem yöneticilerine dokümanını gözden geçirmelerini ve gerekli güncellemelerin yapılmasını tavsiye etmektedir.

Kaynaklar

https://www.ibm.com/support/pages/node/6455277

https://exchange.xforce.ibmcloud.com/vulnerabilities/190121X-Force

https://exchange.xforce.ibmcloud.com/vulnerabilities/179673

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14803

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2773

https://exchange.xforce.ibmcloud.com/vulnerabilities/190121

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24342

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24343

https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-security-guardium-19/

2021-06-08