Open Source Apache Struts vulnerabilities were disclosed in Jun 2016. Struts is used by SAN Volume Controller and Storwize Family in its Service Assistant GUI. The CVEs are CVE-2016-4430 CVE-2016-4431 CVE-2016-4433 CVE-2016-4436.
CVE(s): CVE-2016-4430, CVE-2016-4431, CVE-2016-4433, CVE-2016-4436
Affected product(s) and affected version(s):
IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM Storwize V3700
IBM Storwize V3500
All products are affected when running supported releases 1.1 to 7.7.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2dm9HJB
X-Force Database: http://ift.tt/2cwphw5
X-Force Database: http://ift.tt/2dma073
X-Force Database: http://ift.tt/2cwpJul
X-Force Database: http://ift.tt/2dmar1q
from IBM Product Security Incident Response Team http://ift.tt/2cwpsr7
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.