SymmetricalDataSecurity: IBM Security Bulletin: IBM BigFix Platform is affected by multiple vulnerabities (CVE-2017-3735, CVE-2017-1000100, CVE-2017-1000254)

Friday, May 18, 2018

IBM Security Bulletin: IBM BigFix Platform is affected by multiple vulnerabities (CVE-2017-3735, CVE-2017-1000100, CVE-2017-1000254)

There are vulnerabilities in the OpenSSL and LibcURL libraries used by BigFix. These are addressed in the BigFix Platform 9.5.8 and 9.2.12 releases.

CVE(s): CVE-2017-3735, CVE-2017-1000100, CVE-2017-1000254

Affected product(s) and affected version(s):

Note that these vulnerabilities could affect any of the BigFix Platform components.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22011879
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130190
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133027

The post IBM Security Bulletin: IBM BigFix Platform is affected by multiple vulnerabities (CVE-2017-3735, CVE-2017-1000100, CVE-2017-1000254) appeared first on IBM PSIRT Blog.

Affected IBM BigFix Platform	Affected Versions
BigFix Platform	9.5 – 9.5.7
BigFix Platform	9.2 – 9.2.11

from IBM Product Security Incident Response Team https://ift.tt/2IM6vF4

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)