Two potential denial of service vulnerabilities have been reported by the OpenSSL project. IBM DataPower Gateways has addressed the applicable CVEs.
CVE(s): CVE-2017-3731, CVE-2016-7055
Affected product(s) and affected version(s):
CVE-2016-7055 – DataPower versions 7.2.0.0-7.2.0.13, 7.5.0.0-7.5.0.7, 7.5.1.0-7.5.1.6 and 7.5.2.0-7.5.2.6
CVE-2017-3731 – DataPower versions 7.0.0.0-7.0.0.18, 7.1.0.0-7.1.0.16, 7.2.0.0-7.2.0.13, 7.5.0.0-7.5.0.7, 7.5.1.0-7.5.1.6 and 7.5.2.0-7.5.2.6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2siHGW7
X-Force Database: http://ift.tt/2knsB3D
X-Force Database: http://ift.tt/2hjUUfe
The post IBM Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2017-3731, CVE-2016-7055) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2sihP0H
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.