IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)

OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cognos Metrics Manager. IBM Cognos Metrics Manager has addressed the applicable CVEs.

CVE(s): CVE-2016-6302, CVE-2016-6304, CVE-2016-6303, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-6306, CVE-2016-2181, CVE-2016-2183

Affected product(s) and affected version(s):

• IBM Cognos Metrics Manager 10.2.2
• IBM Cognos Metrics Manager 10.2.1
• IBM Cognos Metrics Manager 10.2
• IBM Cognos Metrics Manager 10.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2j3W56U
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR3VyC

from IBM Product Security Incident Response Team http://ift.tt/2j3VIJA