Thursday, November 30, 2017

IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, …)

OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares has addressed the applicable CVEs.

CVE(s): CVE-2016-6302, CVE-2016-6304, CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-6306, CVE-2016-6308, CVE-2016-2181, CVE-2016-2183

Affected product(s) and affected version(s):

IBM Aspera Orchestrator 2.6.0 or earlier
IBM Aspera Virtural Catcher 2.4.4 or earlier
IBM Aspera Faspex 4.0.1 or earlier
IBM Aspera Shares 1.9.4 or earlier

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BnY2AK
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, …) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2BoUyxV

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.