Security vulnerabilities were disclosed on Nov 1, 2017 and Dec 6, 2017 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs.
CVE(s): CVE-2017-3736, CVE-2017-3737, CVE-2017-3736
Affected product(s) and affected version(s):
IBM Sterling Connect:Express for UNIX 1.5.0.15
- All versions prior to 1.5.0.15 iFix 150-1507
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22013705
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136077
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136078
The post IBM Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by the Following OpenSSL Vulnerabilities (CVE-2017-3637, CVE-2017-3737, CVE-2017-3738) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2EPGGlF
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.