IBM Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues.

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

CVE(s): CVE-2017-5461, CVE-2017-3137, CVE-2017-3136, CVE-2017-2636, CVE-2017-2628, CVE-2013-4075, CVE-2016-2107, CVE-2015-3813, CVE-2015-3812, CVE-2015-3811, CVE-2016-7910

Affected product(s) and affected version(s):

· QRadar Packet Capture 7.3.0 – 7.3.0 Patch 1

· QRadar Packet Capture Data Node 7.3.0 – 7.3.0 Patch 1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22012757
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125002
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124517
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/124516
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/122898
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125103
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/84821
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/112854
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103256
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103257
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103258
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/119531

The post IBM Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues. appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2DNkc4V