IBM Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in OpenSSH (CVE-2015-5352, CVE-2015-6563, CVE-2015-6564)

Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager appliances use OpenSSH and are affected by these vulnerabilities.

CVE(s): CVE-2015-5352, CVE-2015-6563, CVE-2015-6564

Affected product(s) and affected version(s):

IBM Security Access Manager for Web 7.0 appliances

IBM Security Access Manager for Web 8.0, all firmware versions

IBM Security Access Manager for Mobile 8.0, all firmware versions

IBM Security Access Manager 9.0, all firmware versions

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gE6mVj
X-Force Database: http://ift.tt/2c8WB0w
X-Force Database: http://ift.tt/2bZYLgC
X-Force Database: http://ift.tt/2c8Vyh9

from IBM Product Security Incident Response Team http://ift.tt/2gE7eJP