IBM Product Security Update Advisory

Overview

 

An update has been released to address vulnerabilities in IBM Products. Users of the affected versions are advised to update to the latest version.
 

 

Affected Products

 

CVE-2024-31891, CVE-2024-31892

  • IBM Storage Scale versions: 5.1.9.0 (inclusive) ~ 5.1.9.6 (inclusive)
  • IBM Storage Scale versions: 5.2.0.0 (inclusive) ~ 5.2.1.1 (inclusive)

 

 

Resolved Vulnerabilities

 

A vulnerability that could allow a malicious actor with command-line access to the ‘scalemgmt’ user to gain root access to the host operating system through privilege escalation (CVE-2024-31891)

A vulnerability caused by improper sanitization of formula elements, which could allow a user to intercept and modify a CSV file and perform unauthorized actions (CVE-2024-31892)

 

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest patched version.

 

CVE-2024-31891, CVE-2024-31892

  • IBM Storage Scale versions: 5.1.9.7 or later
  • IBM Storage Scale versions: 5.2.2.0 or later
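
The affected ranges and fixed releases listed above, checked against an inventory of installed versions. This is an added example, not part of the IBM advisory. The host names and inventory are constructed, and how the version string is collected from each node is left as an assumption.

```python
import re

# Affected ranges (both ends inclusive) and fixed releases, copied from
# this advisory for CVE-2024-31891 and CVE-2024-31892.
AFFECTED = [
    ((5, 1, 9, 0), (5, 1, 9, 6), "5.1.9.7"),
    ((5, 2, 0, 0), (5, 2, 1, 1), "5.2.2.0"),
]

def parse_version(text):
    """Parse a four-part version such as '5.1.9.6' into a tuple of ints."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*", text)
    if m is None:
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(part) for part in m.groups())

def check(version_text):
    """Return ('affected', fixed_release) or ('not_listed', None)."""
    # Integer tuples compare field by field, so 5.1.9.10 sorts after
    # 5.1.9.6; a plain string comparison would get that wrong.
    version = parse_version(version_text)
    for low, high, fixed in AFFECTED:
        if low <= version <= high:
            return ("affected", fixed)
    return ("not_listed", None)

def audit(inventory):
    """Check every host; unparsable versions are reported, not skipped."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = check(version_text)
        except ValueError:
            report[host] = ("unparsable", None)
    return report

if __name__ == "__main__":
    # Constructed inventory: hypothetical host names and version strings.
    sample = {
        "scale-node1": "5.1.9.6",
        "scale-node2": "5.1.9.10",
        "scale-node3": "5.2.1.1",
        "scale-node4": "5.2.2.0",
        "scale-node5": "unknown",
    }
    for host, (status, fixed) in sorted(audit(sample).items()):
        print(host, status, f"update to {fixed} or later" if fixed else "")
```

A result of `not_listed` means only that the version is outside the ranges this advisory names. Hosts reported as `unparsable` need a manual check.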

 

 

Referenced Sites

 

[1] Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale are now fixed.

https://www.ibm.com/support/pages/node/7178098