Thursday, August 24, 2017

IBM Security Bulletin: Vulnerability found in OpenSSL release used by Windows and z/OS Security Identity Adapters

A vulnerability was found in the OpenSSL release used by the Windows and z/OS Security Identity Adapters. These adapters have been upgraded to a more current OpenSSL release that corrects the CVE (CVE-2016-8610) “SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS” vulnerability.

CVE(s): CVE-2016-8610

Affected product(s) and affected version(s):

Adapters for Tivoli Identity Manager 5.1 for Windows and z/OS platforms
IBM Security Identity Manager v6.0 Adapters for Windows and z/OS platforms
Security Identity Adapters v7.x for Windows and z/OS platforms

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2v9zUmw
X-Force Database: http://ift.tt/2hNr07D

The post IBM Security Bulletin: Vulnerability found in OpenSSL release used by Windows and z/OS Security Identity Adapters appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2v9MySz

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.