Number: AV22-240
Date: 2 May 2022
Between 25 April and 1 May 2022 IBM published Security Bulletins to address vulnerabilities in multiple products. Included were critical updates for the following:
- Content Collector for Email – version 4.0.x
- IBM Cognos Analytics – versions 11.1.x and 11.2.x
- InfoSphere Information Server, Server on Cloud – version 11.7
- Operations Dashboard – versions 2020.4.1, 2021.1.1, 2021.2.1, 2021.3.1 and 2021.4.1
- PowerVM Novalink – versions 1.0.0.16, 2.0, 2.0.1, 2.0.2 and 2.0.2.1
- SPSS Collaboration and Deployment Services – versions 8.2, 8.2.1 and 8.2.2
- Watson Discovery for IBM Cloud Pak for Data – versions 2.0.0 to 2.2.1 and 4.0.0 to 4.0.7
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
IBM Product Security Incident Response
Spring remote code execution vulnerabilities (AL22-004)