Wednesday, February 21, 2018

IBM Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Websphere Application Server (WAS), OpenSSL and IBM Java Runtime

There are vulnerabilities addressed in IBM WAS, IBM Runtime Environment Java™Technology Edition, and OpenSSL that are used by ISD Storage Control. The Java issues were disclosed as part of the IBM Java updates for October 2017.

CVE(s): CVE-2017-10356, CVE-2017-10388, CVE-2017-3167, CVE-2017-7668, CVE-2017-3169, CVE-2017-9798, CVE-2017-7679, CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738

Affected product(s) and affected version(s):

From the IBM Systems Director command line enter smcli lsver to determine the level of IBM Systems Director installed.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=isg3T1027035
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133813
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127416
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127419
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127417
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132159
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/127420
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/131047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136077
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136078

The post IBM Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Websphere Application Server (WAS), OpenSSL and IBM Java Runtime appeared first on IBM PSIRT Blog.

Affected Product and Version(s) Product and Version shipped as a component
IBM System Director Storage Control 4.2.6 IBM Systems Director 6.3.5
IBM System Director Storage Control 4.2.7 IBM Systems Director 6.3.6
IBM System Director Storage Control 4.2.8 IBM Systems Director 6.3.7


from IBM Product Security Incident Response Team http://ift.tt/2EFBn4Y
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)