OpenSSL vulnerabilities were disclosed in May 2016 by the OpenSSL Project. OpenSSL is used by SAN Volume Controller and Storwize Family. SAN Volume Controller and Storwize Family products have addressed the applicable CVEs.
CVE(s): CVE-2016-2107, CVE-2016-2108
Affected product(s) and affected version(s):
IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM Storwize V3700
IBM Storwize V3500
All products are affected when running supported releases 7.1 to 7.6. Release 7.7 is not affected.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2cwoXxb
X-Force Database: http://ift.tt/1NwOQz5
X-Force Database: http://ift.tt/1VjTr9i
from IBM Product Security Incident Response Team http://ift.tt/2dma1YQ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.