Mar 30, 2018 9:00 am EDT
Categorized: High Severity
Share this post:
IBM Aspera Platform On Demand, IBM Aspera Server On Demand, IBM Aspera Faspex On Demand, IBM Aspera Shares On Demand, IBM Aspera Transfer Cluster Manager is affected by the vulnerabilities known as Spectre and Meltdown, which can enable CPU data cache timing to be abused to bypass conventional memory security restrictions to gain access to privileged memory that should be inaccessible.
CVE(s): CVE-2017-5753, CVE-2017-5715, CVE-2017-5754
Affected product(s) and affected version(s):
| Affected Product Name | Affected Versions |
| IBM Aspera Platform On Demand | 3.7.3 and prior |
| IBM Aspera Server On Demand | 3.7.3 and prior |
| IBM Aspera Faspex On Demand | 3.7.3 and prior |
| IBM Aspera Shares On Demand | 3.7.3 and prior |
| IBM Aspera Transfer Cluster Manager | 1.2.4 and prior |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22012643
from IBM Product Security Incident Response Team https://ift.tt/2GGaiTj
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.