Thursday, November 30, 2017

IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin (CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)

OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin. The above mentioned products have addressed the applicable CVEs.

CVE(s): CVE-2016-2106, CVE-2016-2109, CVE-2016-2176

Affected product(s) and affected version(s):

IBM Aspera Enterprise Server 3.6.0 or earlier
IBM Aspera Connect for Web Access 3.6.0 or earlier
IBM Aspera Desktop Client 3.6.0 or earlier
IBM Aspera Point to Point Client 3.6.0 or earlier
IBM Aspera Connect Browser Plug in 3.6.6 or earlier

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2j6aiPJ
X-Force Database: http://ift.tt/25myFMu
X-Force Database: http://ift.tt/1Z0wO8Z
X-Force Database: http://ift.tt/25mym4p

The post IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin (CVE-2016-2106, CVE-2016-2109, CVE-2016-2176) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2j2LVC7

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.