IBM SmartCloud Entry is vulnerable to multiple vulnerabilities in nss, nss-util and nspr. Attackers could exloit them using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVE(s): CVE-2016-1978, CVE-2016-1979
Affected product(s) and affected version(s):
IBM SmartCloud Entry 2.2.0 through 2.2.0.4 Appliance fix pack 6
IBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 6
IBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 6
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 21
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 21
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ciLZxP
X-Force Database: http://ift.tt/1TuzxZZ
X-Force Database: http://ift.tt/20vxDHr
from IBM Product Security Incident Response Team http://ift.tt/2coBqGd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.