heise PlusAbo
Anzeige

DoS attacks on IBM SPSS Collaboration and Deployment Services possible

IBM's analysis and automation software SPSS Collaboration and Deployment Services is vulnerable. Security patches are available.

listen Print view
A symbolic update button on a keyboard.

(Image: Tatiana Popova/Shutterstock.com)

1 min. read
Security
By

Attackers can attack systems with IBM SPSS Collaboration and Deployment Services and trigger DoS states, among other things. The starting points are several security vulnerabilities in various components that the analysis and automation software uses.

Install security update

As a warning message shows, attackers can exploit a total of nine vulnerabilities in js-yaml, minimatch, and React Router. Five of these vulnerabilities are classified as "high" threat. Attackers can use these for DoS (CVE-2026-26996) and XSS attacks (CVE-2026-21884), for example. So far, there are no reports that the vulnerabilities are already being exploited.

Videos by heise

Admins should ensure that version 9.0.0.0-IM-ScaDS-REPOSITORYSERVER-PSIRT-IF002, which is equipped against the described attacks, is installed.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten