SymmetricalDataSecurity: IBM Security Bulletin: Vulnerabilitiy in OpenSSL affect IBM Storwize V7000 Unified

Friday, January 6, 2017

Cross-protocol attack on TLS using SSLv2

CVE(s): CVE-2016-2177, CVE-2016-2178

Affected product(s) and affected version(s):

IBM Storwize V7000 Unified

The product is affected when running code releases 1.5.0.0 to 1.5.2.3 and 1.6.0.0 to 1.6.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jbJLxW
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex

from IBM Product Security Incident Response Team http://ift.tt/2hXOuqN

SymmetricalDataSecurity