The BigFix Platform verions 9.5 has some vulnerabilities associated with the zlib library, as well as Cross Site Request Forgery, Missing Authentication for Critical Function, Cross Site Scripting and XML External Entity that have been addressed in patch release 9.5.6.
CVE(s): CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1218, CVE-2017-1222, CVE-2017-1203, CVE-2017-1219
Affected product(s) and affected version(s):
BigFix Platform Version 9.1, BigFix Platform Version 9.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2zmh4KX
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv
X-Force Database: http://ift.tt/2u5GeJS
X-Force Database: http://ift.tt/2zT7hst
X-Force Database: http://ift.tt/2u5UwKc
X-Force Database: http://ift.tt/2tCatER
The post IBM Security Bulletin: The BigFix Platform version 9.5 has security vulnerabilities that have been addressed via patch release 9.5.6 appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2iODywI
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.