IBM Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178).

Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs.

CVE(s): CVE-2000-1254, CVE-2016-2178, CVE-2016-2177

Affected product(s) and affected version(s):

NX-OS 5.X versions prior to 5.2.8(i)

NX-OS 6.X versions prior to 6.2(19)

NX-OS 7.X versions

NX-OS 8.X versions prior to 8.1

DCNM versions prior to 10.3(1)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ssg1S1010570
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113136
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113890

The post IBM Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178). appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2ntTNhG