Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU -April 2022 to January 2023 affects AIX LPARs in IBM PureData System for Operational Analytics

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used in IBM PureData System for Operational Analytics AIX based LPARs. These issues were disclosed as part of the IBM Java SDK updates in April 2022 to January 2023. These issues were disclosed as pa...

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2022-43927,CVE-2022-43929)

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2022-43927,CVE-2022-43929. Vulnerability Details CVEID:CVE-2022-43929 DESCRIPTION: IBM Db2 for...

Security Bulletin: One or more security vulnerabilities has been identified in OpenSSL in IBM® AIX® shipped with IBM PureData System for Operational Analytics (CVE-2019-1559,CVE-2019-1547,CVE-2019-1563)

Summary IBM® AIX® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities in OpenSSL affecting IBM AIX have been published in a security bulletin CVE-2019-1559,CVE-2019-1547,CVE-2019-1563. Vulnerability Details CVEID:CVE-2019-1547...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used in IBM PureData System for Operational Analytics AIX based LPARs. These issues were disclosed as part of the IBM Java SDK updates between January 2019 and July 2022...

Security Bulletin: Vulnerabilities in Eclipse OpenJ9 affects AIX LPARs in IBM PureData System for Operational Analytics (CVE-2021-41041)

Summary There are one or more vulnerabilities in Eclipse OpenJ9 that is used in IBM PureData System for Operational Analytics AIX based LPARs CVE-2021-41041. Vulnerability Details CVEID:CVE-2021-41041 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, cause...

Security Bulletin: IBM PureData System for Operational Analytics A1791 and IBM Smart Analytics System 7600, 7700, and 7710 are affected by a privilege escalation vulnerability in the DB2 Audit Facility (CVE-2013-3475)

Abstract The IBM PureData System for Operational Analytics A1791, IBM Smart Analytics System 7600, IBM Smart Analytics System 7700, and IBM Smart Analytics System 7710 are shipped with DB2 9.7 or DB2 10.1. These versions of DB2 contain a security vulnerability in the DB2 Audit Facility which allo...

Security Bulletin: IBM PureData System For Operational Analytics A1791 is affected by an OSPF vulnerability (CVE-2013-0149)

Abstract The IBM PureData System for Operational Analytics A1791 includes network switches which are used in part for external network access. When configured to use the Open Shortest Path First OSPF protocol these switches are vulnerable and allow remote attackers to cause a denial of service...

Security Bulletin: IBM PureData System for Operational Analytics A1791 is affected by a directory traversal arbitrary file download vulnerability in the database performance monitor (CVE-2013-2979)

Abstract The IBM PureData System for Operational Analytics A1791 includes IBM Optim Performance Manager OPM for DB2 for Linux, Unix, and Windows. There is a vulnerability with OPM that could allow users to access files and directories that are stored outside the OPM installation directory which...

Security Bulletin: IBM PureData System for Analytics vulnerable to unauthorized access and modification of local files (CVE 2013-5374)

Summary It is possible to read and modify local files via unknown vectors. Exploitation requires authentication and specific permissions. Confidentiality and integrity may be partially impacted and availability may be fully impacted. Vulnerability Details CVE ID:CVE-2013-5374 CVSS Base Score: 7.5...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314,...

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2022-22942 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor...

Security Bulletin: One or more security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics (CVE-2018-1980,CVE-2019-4094,CVE-2018-1922,CVE-2018-1978,CVE-2018-1923,CVE-2019-4016,CVE-2019-4015)

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-1980 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includ...

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs. Vulnerability Details CVEID: CVE-2021-3772 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by improper validation of integrity check value by the Linux SCTP stack...

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs. Vulnerability Details CVEID: CVE-2021-37159 DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free and a double free...

Security Bulletin: Public disclosed vulnerability from OpenSSL affects IBM Netezza Host Management

Summary OpenSSL is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain ...

Security Bulletin: Publicly disclosed vulnerabilities from Bind affect IBM Netezza Host Management

Summary Bind is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25215 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By...

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs. Vulnerability Details CVEID: CVE-2019-19051 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the i2400moprfkillswtoggle function in...

Security Bulletin: Publicly disclosed vulnerability from Qemu affects IBM Netezza Host Management

Summary Open Source Qemu is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-14364 DESCRIPTION: Xen could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds read/write...

Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2019-18806 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the qlalloclargebuffers function in...

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs Vulnerability Details CVEID: CVE-2020-12655 DESCRIPTION: Linux Kernel could allow a local attacker to bypass security restrictions, caused by a flaw in the xfsagfverify function in...