Locating CVE-related bulletins for your Infrastructure Security product

Question

How do you locate CVE-related bulletins for your IBM Infrastructure Security product?

Answer

Finding all CVEs covered in firmware releases for appliances

1. Access the IBM Support Portal.
2. Under Product finder, enter the name for the product you want to search for. For a list of all the product aliases under Infrastructure Security, see Technote 1643250: IBM Security Systems Infrastructure product aliases. Once it is found, click the product to select it.
   In this example, we will search for the Network Protection (XGS) appliance.
   
3. Under the product page, click the Flashes, alerts and bulletins link underProduct support content.
4. Here you find all the flashes, alerts, and bulletins for all firmware versions. To see a specific firmware version, go to the Filters by version and select the appropriate version. In our example, we only want to see flashes, alerts, and bulletins for firmware 5.3.
   
   You will see a list of all the flashes, alerts, and bulletins for the particular firmware. This list shows the CVEs covered in that firmware versions.

Finding one specific CVE in firmware of appliance

1. Repeat steps 1-3 in the first section.
2. Find the Search within results search box near the top.
   
3. Search for the specific CVE that you want to find. In this example, we are searching for CVE-2014-3566.
   
   Alternatively, you can go to the IBM Product Security Incident Response page and search for the CVE. As this is not filtered by product, you can enter the desired product in your search term. For example, if you wanted to see CVE-2014-3566 coverage for the XGS, you can search for “CVE-2014-3566 IBM Security Network Protection.” Otherwise, you get results for all products this applies to. You might find the option above to be easier to find the specific CVE you are looking for.

Finding all CVE fixes included in a patch

1. Repeat steps 1-4 in the first section to filter by appropriate firmware.
2. Find the Search within results search box.
3. Search for the latest bulletin that uses the same naming convention as the patch. For example, search for 4.6.2.0-ISS-ProvG-AllModels-System-FP0004 to find bulletins for this particular patch for the Network IPS (GX). **Note: **System patches are normally cumulative. So all bulletins found whose remediation fix match the naming convention of this patch and whose FP level is at that level or lower (004 or lower in the example), they are covered by the patch.

[{“Product”:{“code”:“SSHLHV”,“label”:“IBM Security Network Protection”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“General Information”,“Platform”:[{“code”:“PF009”,“label”:“Firmware”}],“Version”:“Version Independent”,“Edition”:“”,“Line of Business”:{“code”:“LOB24”,“label”:“Security Software”}},{“Product”:{“code”:“SS9SBT”,“label”:“Proventia Network Intrusion Prevention System”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“General Information”,“Platform”:[{“code”:“PF009”,“label”:“Firmware”}],“Version”:“Version Independent”,“Edition”:“”,“Line of Business”:{“code”:“LOB24”,“label”:“Security Software”}},{“Product”:{“code”:“SSETBF”,“label”:“IBM Security SiteProtector System”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“Vulnerability (CVE)”,“Platform”:[{“code”:“PF033”,“label”:“Windows”}],“Version”:“Version Independent”,“Edition”:“”,“Line of Business”:{“code”:“LOB24”,“label”:“Security Software”}}]