A vulnerability was found in the OpenSSL release used by the Windows and z/OS Security Identity Adapters. These adapters have been upgraded to a more current OpenSSL release that corrects the CVE (CVE-2016-8610) “SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS” vulnerability.
CVE(s): CVE-2016-8610
Affected product(s) and affected version(s):
Adapters for Tivoli Identity Manager 5.1 for Windows and z/OS platforms
IBM Security Identity Manager v6.0 Adapters for Windows and z/OS platforms
Security Identity Adapters v7.x for Windows and z/OS platforms
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2v9zUmw
X-Force Database: http://ift.tt/2hNr07D
The post IBM Security Bulletin: Vulnerability found in OpenSSL release used by Windows and z/OS Security Identity Adapters appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2v9MySz
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.