Dec 23, 2017 10:00 am EST
Categorized: Medium Severity
Share this post:
There is a vulnerability in Mozilla NSS to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of this vulnerability (CVE-2016-9074) could make the system susceptible to timing side-channel attacks which could be leveraged to allow launch of further attacks on the system.
CVE(s): CVE-2016-9074
Affected product(s) and affected version(s):
FlashSystem 840 machine type and models (MTMs) affected include 9840-AE1 and 9843-AE1.
FlashSystem 900 MTMs affected include 9840-AE2 and 9843-AE2.
Supported code versions which are affected
· VRMFs prior to 1.3.0.7
· VRMFs prior to 1.4.5.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BHnfL6
X-Force Database: http://ift.tt/2ryTPpv
from IBM Product Security Incident Response Team http://ift.tt/2l1JaBq
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.