Number: AV22-276
Date: 16 May 2022
Between 9 and 15 May 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM Common Cryptographic Architecture – versions 5.0 to 5.7.11
- IBM Cúram SPM – version 7.0.11
- IBM Cloud Pak System – version 2.3
- IBM Security Guardium – versions 10.0; 10.5; 11.1; 11.2; 11.3
- IBM Spectrum Scale – versions 5.0.0 to 5.0.5.13 and 5.1.0 to 5.1.3
- IBM Sterling Connect:Direct – versions 6.2.0.0 to 6.2.0.3_iFix012
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM Product Security Incident Response
Spring remote code execution vulnerabilities (AL22-004)
Active Exploitation of Apache Log4j Vulnerability (AL21-019)