Security update advisories for IBM products (IBM Cloud Pak for Security, IBM i, etc.)
Overview
IBM has announced an update to address vulnerabilities in their products. Users of the affected versions are advised to update to the latest version.
Affected Products
CVE-2023-47726
- IBM Cloud Pak for Security versions: 1.10.0.0 (inclusive) ~ 1.10.11.0 (inclusive)
- QRadar Suite Software Versions: 1.10.12.0 (inclusive) ~ 1.10.21.0 (inclusive)
CVE-2024-27275
- IBM i versions 7.5, 7.4, 7.3, and 7.2
CVE-2024-37532
- IBM WebSphere Application Server 9.0, 8.5 versions
CVE-2024-38319
- IBM Security SOAR 51.0.2.0 version
CVE-2024-31890
- IBM i versions 7.5, 7.4, and 7.3
Resolved Vulnerabilities
Arbitrary command execution vulnerability due to improper input validation in IBM QRadar Suite Software (CVE-2023-47726)
Local privilege escalation vulnerability due to insufficient privilege requirements in IBM i (CVE-2024-27275)
Identity spoofing vulnerability of authenticated users due to incorrect signature verification in IBM WebSphere Application Server (CVE-2024-37532)
Vulnerability in IBM Security SOAR that could allow an authenticated user to execute malicious code loaded from a specially crafted script (CVE-2024-38319)
Local privilege escalation vulnerability in IBM TCP/IP Connection Utility for IBM i (CVE-2024-31890)
Vulnerability Patches
Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2023-47726
- IBM Cloud Pak for Security Version: 1.10.22.0
CVE-2024-27275
- Update based on “Remediation/Fixes” in Referenced Sites[4]
CVE-2024-37532
- IBM WebSphere Application Server traditional 9.0.5.21 version
CVE-2024-38319
- IBM Security QRadar SOAR Platform 51.0.2.1 version
CVE-2024-31890
- updated based on the “Remediation/Fixes” section of the reference page [10]
Referenced Sites
[1] CVE-2023-47726 Detail
https://nvd.nist.gov/vuln/detail/CVE-2023-47726
[2] Security Bulletin: IBM QRadar Suite software is vulnerable to injection attacks (CVE-2023-47726)
https://www.ibm.com/support/pages/node/7157750
[3] CVE-2024-27275 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-27275
[4] Security Bulletin: IBM i is vulnerable to a privilege escalation due to the ability to configure a physical file trigger in Db2 for IBM i. [CVE-2024-27275]
https://www.ibm.com/support/pages/node/7157637
[5] CVE-2024-37532 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-37532
[6] Security Bulletin: IBM WebSphere Application Server is vulnerable to identity spoofing (CVE-2024-37532)
https://www.ibm.com/support/pages/node/7158031
[7] CVE-2024-38319 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-38319
[8] Security Bulletin: IBM Resilient SOAR is vulnerable to command injection (CVE-2024-38319)
https://www.ibm.com/support/pages/node/7158261
[9] CVE-2024-31890 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-31890
[10] Security Bulletin: IBM i is vulnerable to a local privilege escalation due to a flaw in IBM TCP/IP Connectivity Utilities for i [CVE-2024-31890]