There is a vulnerability in open source OpenSSL to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote user with the ability to conduct a man-in-the-middle attack to decrypt traffic.
CVE(s): CVE-2016-2107
Affected product(s) and affected version(s):
FlashSystem 840 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE1 and 9843-AE1.
FlashSystem 900 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE2 and 9843-AE2.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2c9VL2K
X-Force Database: http://ift.tt/1NwOQz5
from IBM Product Security Incident Response Team http://ift.tt/2c9XBjQ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.