Serial number: AV24-603
Date: October 21, 2024
Between October 14 and 20, 2024, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- IBM Observability with Instana (OnPrem) – version Build 277 (Self-Hosted Standard Edition 1.5.0)
- IBM QRadar SIEM – version 7.5 to 7.5.0 UP9 IF03
- IBM QRadar Incident Forensics – version 7.5 to 7.5.0 UP9 IF03
- IBM Rational ClearQuest – versions 10.0 to 10.0.6 and 9.1 to 9.1.0.6
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
- Security Bulletin: IBM Observability with Instana for Self-Hosted Standard Edition is affected by multiple Vulnerabilities
- Security Bulletin: A vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest due to the included Apache HTTP Server (CVE-2024-40898, CVE-2024-40725)
- Security Bulletin: Due to use of International Components for Unicode, IBM Rational ClearQuest is vulnerable to buffer overflow
- Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
- IBM Product Security Incident Response