IBM Security Network Protection uses Kerberos (krb5) to provide network authentication. The Kerberos (krb5) version that is shipped with IBM Security Network Protection contains multiple security vulnerabilities.
CVE(s): CVE-2015-8629, CVE-2015-8631
Affected product(s) and affected version(s):
IBM Security Network Protection 5.3.1
IBM Security Network Protection 5.3.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1UaBu8j
X-Force Database: http://ift.tt/1VjTJgk
X-Force Database: http://ift.tt/1VjTDFF
from IBM Product Security Incident Response Team http://ift.tt/1Y0TsQk
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.