SymmetricalDataSecurity: Security Bulletin: Windows installers of IBM Cloud CLI prior to 0.16.2 are signed using SHA1 certificate

Wednesday, February 5, 2020

Security Bulletin: Windows installers of IBM Cloud CLI prior to 0.16.2 are signed using SHA1 certificate

Feb 5, 2020 7:00 pm EST

Share this post:

IBM Cloud CLI (prior to 0.16.2) windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Cloud CLI	0.6.0 – 0.16.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1356087

from IBM Product Security Incident Response Team https://ift.tt/382MHqr

SymmetricalDataSecurity

Wednesday, February 5, 2020

Security Bulletin: Windows installers of IBM Cloud CLI prior to 0.16.2 are signed using SHA1 certificate

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews