SymmetricalDataSecurity: IBM Security Bulletin: IBM Flex System switch firmware products are affected by information disclosure vulnerability (CVE-2014-8730)

Wednesday, October 24, 2018

Oct 24, 2018 9:02 am EDT

Share this post:

IBM Flex System switch firmware products have addressed the following TLS padding information disclosure vulnerability.

CVE(s): CVE-2014-8730

Affected product(s) and affected version(s):

Product	Affected Version
IBM Flex System Fabric EN4093/EN4093R 10Gb Scalable Switch firmware	7.8
IBM Flex System EN2092 1Gb Ethernet Scalable firmware	7.8
IBM Flex System Fabric GbFSIM 10Gb Scalable Switch firmware	7.8
IBM Flex System CN4093 10Gb ScSE firmware	7.8
G8264CS_SI_Fabric_Image	7.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10737135
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/99216

from IBM Product Security Incident Response Team https://ift.tt/2q9DE2o

SymmetricalDataSecurity