Multiple vulnerabilities in Apache HTTPD can cause denial of service and allow a remote attacker to bypass security restrictions and obtain sensitive information in IBM Tealeaf Customer Experience PCA. A Vulnerability in the Memcached library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack. Multiple vulnerabilities in the PHP library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack, allowing a remote attacker to bypass security restrictions and obtain sensitive information and thus providing weaker than expected security. Apache HTTP Server vulnerability could allow a remote attacker to obtain sensitive information and gain access to restricted HTTP resource. Apache HTTP Server is used by IBM Tealeaf Customer Experience PCA and the applicable CVEs have been addressed. Multiple vulnerabilities in the tcpdump library used by the IBM Tealeaf Customer Experience PCA could allow a denial of service attack and allow a remote attacker to obtain sensitive information. A Vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience PCA could permit a a remote attacker to obtain sensitive information.
CVE(s): CVE-2017-7679, CVE-2017-7668, CVE-2017-3169, CVE-2017-9951, CVE-2017-11142, CVE-2017-12933, CVE-2017-12932, CVE-2017-9798, CVE-2017-12171, CVE-2017-13725, CVE-2017-13690, CVE-2017-13689, CVE-2017-13688, CVE-2017-13687, CVE-2017-13055, CVE-2017-13054, CVE-2017-12985, CVE-2017-12902, CVE-2017-12901, CVE-2017-12900, CVE-2017-12899, CVE-2017-12898, CVE-2017-12897, CVE-2017-12896, CVE-2017-12895, CVE-2017-12993, CVE-2017-12992, CVE-2017-12991, CVE-2017-12990, CVE-2017-12989, CVE-2017-12988, CVE-2017-12987, CVE-2017-12986, CVE-2017-12893, CVE-2017-12894, CVE-2015-3138, CVE-2017-13033, CVE-2017-13030, CVE-2017-13029, CVE-2017-13028, CVE-2017-13027, CVE-2017-13026, CVE-2017-13032, CVE-2017-13031, CVE-2017-13025, CVE-2017-13024, CVE-2017-13023, CVE-2017-13022, CVE-2017-13021, CVE-2017-13020, CVE-2017-13019, CVE-2017-13018, CVE-2017-13017, CVE-2017-13016, CVE-2017-13015, CVE-2017-13014, CVE-2017-13012, CVE-2017-13011, CVE-2017-13010, CVE-2017-13009, CVE-2017-13008, CVE-2017-13007, CVE-2017-13006, CVE-2017-13005, CVE-2017-13004, CVE-2017-13003, CVE-2017-13002, CVE-2017-13001, CVE-2017-13000, CVE-2017-12999, CVE-2017-13013, CVE-2017-12998, CVE-2017-12997, CVE-2017-12996, CVE-2017-12995, CVE-2017-12994, CVE-2017-13051, CVE-2017-13050, CVE-2017-13049, CVE-2017-13048, CVE-2017-13047, CVE-2017-13046, CVE-2017-13045, CVE-2017-13044, CVE-2017-13043, CVE-2017-13042, CVE-2017-13041, CVE-2017-13040, CVE-2017-13039, CVE-2017-13036, CVE-2017-13053, CVE-2017-13052, CVE-2017-13035, CVE-2017-13034, CVE-2017-13038, CVE-2017-13037, CVE-2017-3735, CVE-2017-16808
Affected product(s) and affected version(s):
IBM Tealeaf Customer Experience v9.0.2, v9.0.1, v8.8.x and v8.7.x
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22016641
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127420
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127419
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127417
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128607
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/129131
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/130649
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132159
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133645
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132014
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132013
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132012
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132011
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132010
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131898
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131988
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131875
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131874
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131873
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131872
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131871
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131868
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131877
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131865
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131892
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131891
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131886
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131807
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131794
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131885
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131883
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131876
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131810
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131864
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131983
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131991
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131990
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131989
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131987
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131897
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131997
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131996
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131882
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131881
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131880
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131986
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131984
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131982
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131913
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131912
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131911
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131909
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131908
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131907
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131878
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131781
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131905
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131879
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131884
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131904
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131903
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131869
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131893
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131902
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131901
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131870
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131900
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131896
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131906
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131895
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131809
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131894
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131808
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131887
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132006
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132008
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132007
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132005
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131910
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132004
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132003
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131890
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132002
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131985
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132001
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131998
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131888
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132009
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131899
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131914
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132000
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131999
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134999
The post IBM Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2lHcQ7P
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.