IBM has released the following Interim Fix 2.0.3.3-IBM-SIQ4L-IF001 for IBM StoredIQ for Legal in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754.

Vulnerability Details

CVEID: CVE-2017-5753

CVEID: CVE-2017-5715

CVEID: CVE-2017-5754

Affected Products and Versions

Affected Product Name

Affected Versions

—|—
IBM StoredIQ for Legal | 2.0.0.0 - 2.0.3.3

Remediation/Fixes

Product

| VRMF| APAR| Remediation/First Fix
—|—|—|—
IBM StoredIQ for Legal| 2.0.0.0 - 2.0.3.3| n/a| Upgrade to Fix Pack 2.0.3.3 and apply Interim Fix 2.0.3.3-IBM-SIQ4L-IF001, both are available from Fix Central.

Workarounds and Mitigations

None

CPENameOperatorVersion
storediq for legaleq2.0

CPE	Name	Operator	Version
	storediq for legal	eq	2.0

nessus 64

openvas 20

qualysblog 6

suse 5

ibm 26

paloalto 1

malwarebytes 2

nvidia 7

kitploit 1

redhat 23

cloudfoundry 1

cisco 1

centos 3

redhatcve 1

huawei 2

seebug 1

mageia 1

lenovo 2

threatpost 3

symantec 3

f5 1

vmware 2

virtuozzo 4

ubuntu 7

arista 1

citrix 1

talosblog 1

oraclelinux 2

thn 2

veeam 1

cert 1

xen 1

googleprojectzero 1

securelist 1

nessus

RHEL 7 : rhvm-appliance (RHSA-2018:0045) (Meltdown) (Spectre)

2018-01-09 00:00:00

RHEL 7 : kernel-rt (RHSA-2018:0016) (Meltdown) (Spectre)

2018-01-04 00:00:00

Virtuozzo 7 : crit / criu / criu-devel / ksm-vz / libcompel / etc (VZA-2018-003)

2018-01-09 00:00:00

openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1638)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1236)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1002)

2020-01-23 00:00:00

qualysblog

Meltdown and Spectre Aren’t Business as Usual

2018-01-18 22:22:16

Apple in the InfoSec Spotlight, as GitHub Falls Prey to Amplified DDoS Attack

2018-03-02 14:48:53

Meltdown/Spectre and Qualys Cloud Platform

2018-01-09 02:36:19

suse

Security update for the Linux Kernel (important)

2018-01-22 15:08:49

Security update for the Linux Kernel (important)

2018-01-16 21:08:59

Security update for the Linux Kernel (important)

2018-01-16 21:08:19

ibm

Security Bulletin: IBM StoredIQ has released Interim Fix 7.6.0.14-IBMStoredIQ_IF001 in response to the vulnerabilities known as Spectre and Meltdown.

2018-06-17 12:19:15

Security Bulletin: IBM Security Identity Governance and Intelligence has released a fixpack in response to the vulnerabilities known as Spectre and Meltdown

2018-07-27 12:21:10

Security Bulletin: IBM QRadar Network Packet Capture has released 7.3.1 Patch 1, and 7.2.8 Patch 1 in response to the vulnerabilities known as Spectre and Meltdown.

2022-12-12 20:14:44

paloalto

Information about Meltdown and Spectre findings

2018-01-04 00:00:00

malwarebytes

Meltdown and Spectre fallout: patching problems persist

2018-01-11 14:00:00

Meltdown and Spectre: what you need to know

2018-01-04 15:53:24

nvidia

Security Bulletin: NVIDIA GeForce Experience (GFE) Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-09 00:00:00

Security Bulletin: NVIDIA Driver Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-04 00:00:00

Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, and Tegra K1 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-05 00:00:00

kitploit

Spectre-Meltdown-Checker - Spectre & Meltdown Vulnerability/Mitigation Checker For Linux

2018-01-08 12:43:00

redhat

(RHSA-2018:0044) Important: redhat-virtualization-host security update

2018-01-05 15:35:38

(RHSA-2018:0017) Important: kernel security update

2018-01-04 05:10:29

(RHSA-2018:0011) Important: kernel security update

2018-01-03 22:35:00

cloudfoundry

USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2018-01-23 00:00:00

cisco

CPU Side-Channel Information Disclosure Vulnerabilities

2018-01-04 22:20:00

centos

kernel, perf, python security update

2018-01-04 19:46:26

kernel, perf, python security update

2018-01-04 11:36:27

kernel, perf, python security update

2018-03-14 14:47:28

redhatcve

CVE-2017-5715

2021-07-20 18:54:09

huawei

Security Advisory - CPU Vulnerabilities Meltdown and Spectre

2018-06-06 00:00:00

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

2018-01-06 00:00:00

seebug

Reading privileged memory with a side-channel (Meltdown & Spectre)

2018-01-04 00:00:00

mageia

Updated nvidia-current packages mitigates security issues

2018-01-13 17:28:36

lenovo

Reading Privileged Memory with a Side Channel - Lenovo Support US

2018-10-24 12:22:52

Reading Privileged Memory with a Side Channel - US

2018-10-24 12:22:52

threatpost

Experts Weigh In On Spectre Patch Challenges

2018-01-07 23:21:34

Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts

2018-01-04 13:01:52

Google Releases Spectre PoC Exploit For Chrome

2021-03-16 14:01:06

symantec

Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability

2018-01-03 00:00:00

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

2018-01-03 00:00:00

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

2018-01-08 08:00:00

Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

2018-01-04 04:46:00

vmware

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

2018-02-08 00:00:00

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

2018-02-08 00:00:00

virtuozzo

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2, Virtuozzo 6.0 Update 12 Hotfix 20 (6.0.12-3690)

2018-01-06 00:00:00

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 3.10.0-693.11.6.vz7.40.4, Virtuozzo 7.0 Update 6 Hotfix 3 (7.0.6-710)

2018-01-08 00:00:00

Important product update: Fixes for Meltdown and Spectre exploits in virtual machines; Virtuozzo 6.0 Update 12 Hotfix 21 (6.0.12-3698)

2018-02-01 00:00:00

ubuntu

Linux kernel vulnerabilities

2018-01-23 00:00:00

Linux kernel vulnerabilities

2018-01-23 00:00:00

Linux kernel (HWE) vulnerabilities

2018-03-15 00:00:00

arista

Security Advisory 0031

2018-01-03 00:00:00

citrix

Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

2018-01-03 04:00:00

talosblog

Meltdown and Spectre

2018-01-08 09:16:00

oraclelinux

Unbreakable Enterprise kernel security update

2018-01-19 00:00:00

kernel security update

2018-01-04 00:00:00

thn

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

2018-01-03 19:34:00

[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks

2018-01-04 21:18:00

veeam

Meltdown and Spectre vulnerabilities

2018-01-09 00:00:00

cert

CPU hardware vulnerable to side-channel attacks

2018-01-04 00:00:00

xen

Information leak via side effects of speculative execution

2018-01-03 22:29:00

googleprojectzero

Reading privileged memory with a side-channel

2018-01-03 00:00:00

securelist

IT threat evolution Q1 2018

2018-05-14 10:00:08

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

JSON

Related for 8BDB2B04E90B5D8B3BDFF1CFA6291BB29AA8C21942820B81D627E9E3835D2C35