## Summary
IBM Security Network Intrusion Prevention System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.
## Vulnerability Details
**CVE ID:**
[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>)
**DESCRIPTION:**
IBM Security Network Intrusion Prevention System is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Security Network Intrusion Prevention System and other software running on the affected system.
This issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited; authentication is not required, and the exploit is moderately complex.
To determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Security Network Intrusion Prevention System instances.
CVSS Base Score: 7.1
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
## Affected Products and Versions
**Products:** GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000
**Firmware versions:** 4.6.1
## Remediation/Fixes
IBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch.
[**Proventia Network Intrusion Prevention System 4.6.1.0 All Models Hotfix-FP0006**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>)
## Workarounds and Mitigations
None
(CVE-2014-0963)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 9.1 TLS/SSL Multiple DoS Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_91_TLS_SSL_DOS.NASL", "href": "https://www.tenable.com/plugins/nessus/76112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76112);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2013-6747\", \"CVE-2014-0963\");\n script_bugtraq_id(65156, 67238);\n\n script_name(english:\"IBM DB2 9.1 TLS/SSL Multiple DoS Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple denial of service\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of IBM DB2 running on the\nremote host is version 9.1. It is, therefore, affected by one or more\nof the following vulnerabilities :\n\n - An unspecified error exists related to handling\n malformed certificate chains that could allow denial\n of service attacks. (CVE-2013-6747)\n\n - An unspecified error exists related to the TLS\n implementation that could allow certain error cases to\n cause 100% CPU utilization. 
(CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"solution\", value:\n\"If the install is under an extended support contract, please contact\nthe vendor for a patch.\n\nAlternatively, upgrade to one of the latest supported versions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\n# There is no information regarding fix build numbers,\n# so this plugin is strictly paranoid-only\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^9\\.1\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 9.1\", port);\n\n# Go ahead and check platform to preserve unknown-platform\n# reporting.\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\n\nvuln = FALSE;\n# Known platforms\nif (\n (\n # Windows\n platform == 5 || platform == 23 ||\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 || platform == 30 ||\n # AIX\n platform == 20\n )\n &&\n level =~ \"^9\\.1\\.\"\n)\n{\n vuln = TRUE;\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : 'See solution');\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:33:26", "description": "The 
remote Windows host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)\n\n - A denial of service vulnerability exists which an attacker can exploit by sending a specially crafted SSL request to cause the host to become unresponsive.\n (CVE-2014-0963)", "cvss3": {}, "published": "2014-06-03T00:00:00", "type": "nessus", "title": "IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0963"], "modified": "2019-11-26T00:00:00", "cpe": ["cpe:/a:ibm:global_security_kit"], "id": "IBM_GSKIT_8_0_50_20.NASL", "href": "https://www.tenable.com/plugins/nessus/74287", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74287);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2014-0076\", \"CVE-2014-0963\");\n script_bugtraq_id(66363, 67238);\n\n script_name(english:\"IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities\");\n script_summary(english:\"Checks GSKit version\");\n\n script_set_attribute(attribute:\"synopsis\", 
value:\n\"The remote Windows host has a library installed that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has a version of IBM Global Security Kit prior\nto 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - An error exists related to the implementation of the\n Elliptic Curve Digital Signature Algorithm (ECDSA) that\n could allow nonce disclosure via the 'FLUSH+RELOAD'\n cache side-channel attack. (CVE-2014-0076)\n\n - A denial of service vulnerability exists which an\n attacker can exploit by sending a specially crafted SSL\n request to cause the host to become unresponsive.\n (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672189\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671919\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673682\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673749\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673745\");\n script_set_attribute(attribute:\"see_also\", 
value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673418\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673282\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673259\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673696\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673689\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673600\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673008\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672724\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673040\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply GSKit 7.0.4.50 / 8.0.14.43 / 8.0.50.20 or later or apply the\nappropriate patch referenced in the advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0076\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_gskit_installed.nasl\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) audit(AUDIT_OS_NOT, \"Windows\", \"Linux\");\n\napp = \"IBM GSKit\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\nfix = NULL;\n\nif (version =~ '^7\\\\.0\\\\.' && ver_compare(ver:version, fix:'7.0.4.50') < 0)\n fix = '7.0.4.50';\nelse if (version =~ '^8\\\\.0\\\\.14\\\\.' && ver_compare(ver:version, fix:'8.0.14.43') < 0)\n fix = '8.0.14.43';\nelse if (version =~ '^8\\\\.0\\\\.50\\\\.' 
&& ver_compare(ver:version, fix:'8.0.50.20') < 0)\n fix = '8.0.50.20';\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n\n security_note(port:port, extra:report);\n}\nelse security_note(port);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:32:41", "description": "The remote Linux host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)\n\n - A denial of service vulnerability exists which an attacker can exploit by sending a specially crafted SSL request to cause the host to become unresponsive.\n (CVE-2014-0963)", "cvss3": {}, "published": "2014-06-03T00:00:00", "type": "nessus", "title": "IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0963"], "modified": "2020-10-15T00:00:00", "cpe": ["cpe:/a:ibm:global_security_kit"], "id": "IBM_GSKIT_8_0_50_20_LINUX.NASL", "href": 
"https://www.tenable.com/plugins/nessus/74288", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74288);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/15\");\n\n script_cve_id(\"CVE-2014-0076\", \"CVE-2014-0963\");\n script_bugtraq_id(66363, 67238);\n\n script_name(english:\"IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)\");\n script_summary(english:\"Checks GSKit version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Linux host has a library installed that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Linux host has a version of IBM Global Security Kit prior\nto 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - An error exists related to the implementation of the\n Elliptic Curve Digital Signature Algorithm (ECDSA) that\n could allow nonce disclosure via the 'FLUSH+RELOAD'\n cache side-channel attack. 
(CVE-2014-0076)\n\n - A denial of service vulnerability exists which an\n attacker can exploit by sending a specially crafted SSL\n request to cause the host to become unresponsive.\n (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672189\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671919\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673682\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673749\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673745\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673418\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673282\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673259\");\n 
script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673696\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673689\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673600\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673008\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672724\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21673040\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply GSKit 7.0.4.50 / 8.0.14.43 / 8.0.50.20 or later or apply the\nappropriate patch referenced in the advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0076\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/03\");\n\n 
script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:global_security_kit\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_gskit_installed_nix.nbin\");\n script_require_keys(\"installed_sw/IBM GSKit\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (get_kb_item(\"SMB/Registry/Enumerated\")) audit(AUDIT_OS_NOT, \"Linux\", \"Windows\");\n\napp = \"IBM GSKit\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\nfix = NULL;\n\nif (version =~ '^7\\\\.0\\\\.' && ver_compare(ver:version, fix:'7.0.4.50') < 0)\n fix = '7.0.4.50';\nelse if (version =~ '^8\\\\.0\\\\.14\\\\.' && ver_compare(ver:version, fix:'8.0.14.43') < 0)\n fix = '8.0.14.43';\nelse if (version =~ '^8\\\\.0\\\\.50\\\\.' && ver_compare(ver:version, fix:'8.0.50.20') < 0)\n fix = '8.0.50.20';\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix + '\\n';\n\n security_note(port:0, extra:report);\n}\nelse security_note(0);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:34:02", "description": "According to its version, the installation of IBM DB2 9.5 running on the remote host is prior or equal to Fix Pack 9 or 10. 
It is, therefore, reportedly affected by one or more of the following vulnerabilities :\n\n - An unspecified error exists related to handling malformed certificate chains that could allow denial of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure locations that could allow a local user to carry out privilege escalation attacks. Note this issue does not affect the application when running on Microsoft Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS implementation that could allow certain error cases to cause 100% CPU utilization. (CVE-2014-0963)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0907", "CVE-2014-0963"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_95FP9_MULTI_VULN.NASL", "href": "https://www.tenable.com/plugins/nessus/76113", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76113);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2013-6747\", \"CVE-2014-0907\", \"CVE-2014-0963\");\n script_bugtraq_id(65156, 67238, 67617);\n\n script_name(english:\"IBM DB2 9.5 <= Fix Pack 9 or 10 Multiple 
Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of IBM DB2 9.5 running on\nthe remote host is prior or equal to Fix Pack 9 or 10. It is,\ntherefore, reportedly affected by one or more of the following\nvulnerabilities :\n\n - An unspecified error exists related to handling\n malformed certificate chains that could allow denial\n of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure\n locations that could allow a local user to carry out\n privilege escalation attacks. Note this issue does not\n affect the application when running on Microsoft\n Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS\n implementation that could allow certain error cases to\n cause 100% CPU utilization. (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672100\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"solution\", value:\n\"Contact the vendor to obtain a special build with the interim fix.\n\nNote that the vendor has posted a workaround for the build error issue\n(CVE-2014-0907) involving the command 'sqllib/bin/db2chglibpath'.\nPlease consult the advisory for detailed instructions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0907\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known 
exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^9\\.5\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 9.5\", port);\n\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\n\nvuln = FALSE;\n# Windows 32-bit/64-bit\nif (platform == 5 || platform == 23)\n{\n # v9.5 <= 9.5 FP10\n fixed_level = '9.5.1000.163';\n if (ver_compare(ver:level, fix:fixed_level) <= 0)\n vuln = TRUE;\n\n # If not paranoid and at 9.5.900.456/9.5.1000.163 already,\n # do not report - we cannot tell if special fix build is there.\n if (\n (level == '9.5.900.456' || level == '9.5.1000.163')\n &&\n report_paranoia < 2\n )\n exit(1, \"Nessus is unable to determine if the 
patch has been applied or not.\");\n}\n# Others\nelse if (\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 ||\n platform == 30 ||\n # AIX\n platform == 20\n)\n{\n fixed_level = '9.5.0.10';\n if (ver_compare(ver:level, fix:fixed_level) <= 0)\n vuln = TRUE;\n\n # If not paranoid and at 9.5.0.9/9.5.0.10 already,\n # do not report - we cannot tell if FP9a is there.\n if (\n (level == '9.5.0.9' || level == '9.5.0.10')\n &&\n report_paranoia < 2\n )\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : fixed_level);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:32:39", "description": "According to its version, the installation of IBM DB2 10.5 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities :\n\n - An unspecified error exists related to handling malformed certificate chains that could allow denial of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure locations that could allow a local user to carry out privilege escalation attacks. Note this issue does not affect the application when running on Microsoft Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS implementation that could allow certain error cases to cause 100% CPU utilization. 
(CVE-2014-0963)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0907", "CVE-2014-0963"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_105FP3A.NASL", "href": "https://www.tenable.com/plugins/nessus/76111", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76111);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2013-6747\", \"CVE-2014-0907\", \"CVE-2014-0963\");\n script_bugtraq_id(65156, 67238, 67617);\n\n script_name(english:\"IBM DB2 10.5 < Fix Pack 3a Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of IBM DB2 10.5 running on\nthe remote host is prior to Fix Pack 3a. It is, therefore, affected by\none or more of the following vulnerabilities :\n\n - An unspecified error exists related to handling\n malformed certificate chains that could allow denial\n of service attacks. 
(CVE-2013-6747)\n\n - A build error exists related to libraries in insecure\n locations that could allow a local user to carry out\n privilege escalation attacks. Note this issue does not\n affect the application when running on Microsoft\n Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS\n implementation that could allow certain error cases to\n cause 100% CPU utilization. (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672100\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-01.ibm.com/support/docview.wss?uid=swg21647054\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037555\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply IBM DB2 version 10.5 Fix Pack 3a or later.\n\nAlternatively, in the case of DB2 Version 10.5 Fix Pack 2, contact the\nvendor to obtain a special build with the interim fix.\n\nNote that the vendor has posted a workaround for the build error issue\n(CVE-2014-0907) involving the command 'sqllib/bin/db2chglibpath'.\nPlease consult the advisory for detailed instructions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0907\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^10\\.5\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 10.5\", port);\n\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\nvuln = FALSE;\n# Windows 32-bit/64-bit\nif (platform == 5 || platform == 23)\n{\n fixed_level = '10.5.301.84';\n if (ver_compare(ver:level, fix:fixed_level) == -1)\n vuln = TRUE;\n\n # In the case of 10.5 FP2 and a non-paranoid\n # scan, do not report as it's not clear that\n # a special build increases the build level\n if (level == '10.5.200.109' && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\n# Others\nelse if (\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 ||\n platform == 30 ||\n # AIX\n platform == 20\n)\n{\n fixed_level = '10.5.0.3';\n if (ver_compare(ver:level, fix:fixed_level) <= 
0)\n vuln = TRUE;\n\n # If not paranoid and at 10.5.0.2/10.5.0.3 already,\n # do not report - we cannot tell if special build or\n # FP3a is there.\n if ((level == '10.5.0.2' || level == fixed_level) && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n fixed_level += ' (10.5 Fix Pack 3a)';\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : fixed_level);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:34:02", "description": "According to its version, the installation of DB2 9.7 running on the remote host is prior to Fix Pack 9a. It is, therefore, affected by one or more of the following vulnerabilities :\n\n - An unspecified error exists related to handling malformed certificate chains that allows denial of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure locations that allows a local user to carry out privilege escalation attacks. Note that this issue does not affect the application when running on Microsoft Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS implementation that allows certain error cases to cause 100% CPU utilization. 
(CVE-2014-0963)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6744", "CVE-2013-6747", "CVE-2014-0907", "CVE-2014-0963"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_97FP9A.NASL", "href": "https://www.tenable.com/plugins/nessus/76114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76114);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-6744\",\n \"CVE-2013-6747\",\n \"CVE-2014-0907\",\n \"CVE-2014-0963\"\n );\n script_bugtraq_id(\n 65156,\n 67238,\n 67616,\n 67617\n );\n\n script_name(english:\"IBM DB2 9.7 < Fix Pack 9a Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of DB2 9.7 running on the\nremote host is prior to Fix Pack 9a. It is, therefore, affected by one\nor more of the following vulnerabilities :\n\n - An unspecified error exists related to handling\n malformed certificate chains that allows denial\n of service attacks. 
(CVE-2013-6747)\n\n - A build error exists related to libraries in insecure\n locations that allows a local user to carry out\n privilege escalation attacks. Note that this issue does\n not affect the application when running on Microsoft\n Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS\n implementation that allows certain error cases to cause\n 100% CPU utilization. (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672100\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21450666#9a\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037559\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply IBM DB2 version 9.7 Fix Pack 9a or later.\n\nAlternatively, in the case of DB2 Version 9.7 Fix Pack 8, contact the\nvendor to obtain a special build with the interim fix.\n\nNote that the vendor has posted a workaround for the build error issue\n(CVE-2014-0907) involving the command 'sqllib/bin/db2chglibpath'.\nPlease consult the advisory for detailed instructions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-6744\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^9\\.7\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 9.7\", port);\n\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\n\nvuln = FALSE;\n# Windows 32-bit/64-bit\nif (platform == 5 || platform == 23)\n{\n fixed_level = '9.7.901.409';\n if (ver_compare(ver:level, fix:fixed_level) == -1)\n vuln = TRUE;\n\n # In the case of a non-paranoid scan and FP8,\n # do not report.\n # It's not clear if the special build will\n # change the build level.\n if (level == '9.7.800.717' && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\n# Others\nelse if (\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 ||\n platform == 30 ||\n # AIX\n platform == 20\n)\n{\n fixed_level = '9.7.0.9';\n if (ver_compare(ver:level, fix:fixed_level) <= 
0)\n vuln = TRUE;\n\n # If not paranoid and at 9.7.0.9/9.7.0.8 already,\n # do not report - we cannot tell if the special\n # build or FP9a is there.\n if ((level == fixed_level || level == '9.7.0.8') && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : fixed_level);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:32:35", "description": "According to its version, the installation of IBM DB2 10.1 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities :\n\n - The included version of GSKit contains an error related to CBC-mode and timing that could allow an attacker to recover plaintext from encrypted communications. (CVE-2013-0169)\n\n - An unspecified error exists related to handling malformed certificate chains that could allow denial of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure locations that could allow a local user to carry out privilege escalation attacks. Note this issue does not affect the application when running on Microsoft Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS implementation that could allow certain error cases to cause 100% CPU utilization. 
(CVE-2014-0963)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2013-6747", "CVE-2014-0907", "CVE-2014-0963"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_101FP3A.NASL", "href": "https://www.tenable.com/plugins/nessus/76110", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76110);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2013-0169\",\n \"CVE-2013-6747\",\n \"CVE-2014-0907\",\n \"CVE-2014-0963\"\n );\n script_bugtraq_id(\n 57778,\n 65156,\n 67238,\n 67617\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of IBM DB2 10.1 running on\nthe remote host is prior to Fix Pack 3a. 
It is, therefore, affected by\none or more of the following vulnerabilities :\n\n - The included version of GSKit contains an error\n related to CBC-mode and timing that could allow an\n attacker to recover plaintext from encrypted\n communications. (CVE-2013-0169)\n\n - An unspecified error exists related to handling\n malformed certificate chains that could allow denial\n of service attacks. (CVE-2013-6747)\n\n - A build error exists related to libraries in insecure\n locations that could allow a local user to carry out\n privilege escalation attacks. Note this issue does not\n affect the application when running on Microsoft\n Windows operating systems. (CVE-2014-0907)\n\n - An unspecified error exists related to the TLS\n implementation that could allow certain error cases to\n cause 100% CPU utilization. (CVE-2014-0963)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672100\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-01.ibm.com/support/docview.wss?uid=swg21610582\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037557\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply IBM DB2 version 10.1 Fix Pack 3a or Fix Pack 4 or later.\n\nNote that the vendor has posted a workaround for the build error issue\n(CVE-2014-0907) involving the command 'sqllib/bin/db2chglibpath'.\nPlease consult the advisory for detailed instructions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0907\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^10\\.1\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 10.1\", port);\n\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\nvuln = FALSE;\n# Windows 32-bit/64-bit\nif (platform == 5 || platform == 23)\n{\n fixed_level = '10.1.301.770';\n if (ver_compare(ver:level, fix:fixed_level) == -1)\n vuln = TRUE;\n}\n# Others\nelse if (\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 ||\n platform == 30 ||\n # AIX\n platform == 20\n)\n{\n fixed_level = '10.1.0.3';\n if (ver_compare(ver:level, fix:fixed_level) <= 0)\n vuln = 
TRUE;\n\n # If not paranoid and at 10.1.0.3 already,\n # do not report - we cannot tell if FP3a is there.\n if (level == fixed_level && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : fixed_level);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:34:03", "description": "According to its version, the installation of IBM DB2 running on the remote host is version 9.8 prior or equal to Fix Pack 5. It is, therefore, affected by one or more of the following vulnerabilities :\n\n - An unspecified error exists in the GSKit component when initiating SSL/TLS connections due to improper handling of malformed X.509 certificate chains. A remote attacker can exploit this to cause a denial of service.\n (CVE-2013-6747)\n\n - Untrusted search path vulnerabilities exist in unspecified setuid and setgid programs that allow a local attacker to gain root privileges by using a trojan horse library. (CVE-2014-0907)\n\n - An unspecified error exists in the reverse proxy GSKit component that allows a remote attacker to exhaust CPU resources by using crafted SSL messages, resulting in a denial of service. 
(CVE-2014-0963)\n\n - An unspecified error exists during the handling of SELECT statements with XML/XSLT functions that allows a remote attacker to gain access to arbitrary files.\n (CVE-2014-8910)\n\n - A flaw exists in the LUW component when handling SQL statements with unspecified Scalar functions. A remote, authenticated attacker can exploit this to cause a denial of service. (CVE-2015-0157)\n\n - An unspecified flaw in the General Parallel File System (GPFS) allows a local attacker to gain root privileges.\n (CVE-2015-0197)\n\n - A flaw exists in the General Parallel File System (GPFS), related to certain cipherList configurations, that allows a remote attacker, using specially crafted data, to bypass authentication and execute arbitrary programs with root privileges. (CVE-2015-0198)\n\n - A denial of service vulnerability exists in the General Parallel File System (GPFS) that allows a local attacker to corrupt the kernel memory by sending crafted ioctl character device calls to the mmfslinux kernel module.\n (CVE-2015-0199)\n\n - An information disclosure vulnerability exists in the automated maintenance feature. An attacker with elevated privileges, by manipulating a stored procedure, can exploit this issue to disclose arbitrary files owned by the DB2 fenced ID on UNIX/Linux or the administrator on Windows. (CVE-2015-1883)\n\n - A flaw exists in the Data Movement feature when handling specially crafted queries. An authenticated, remote attacker can exploit this to delete database rows from a table without having the appropriate privileges.\n (CVE-2015-1922)\n\n - A flaw exists when handling SQL statements having unspecified LUW Scalar functions. An authenticated, remote attacker can exploit this to run arbitrary code, under the privileges of the DB2 instance owner, or to cause a denial of service. 
(CVE-2015-1935)", "cvss3": {}, "published": "2014-06-18T00:00:00", "type": "nessus", "title": "IBM DB2 9.8 <= Fix Pack 5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0907", "CVE-2014-0963", "CVE-2014-8910", "CVE-2015-0157", "CVE-2015-0197", "CVE-2015-0198", "CVE-2015-0199", "CVE-2015-1883", "CVE-2015-1922", "CVE-2015-1935"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:db2"], "id": "DB2_98FP5_MULTI_VULN.NASL", "href": "https://www.tenable.com/plugins/nessus/76115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76115);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-6747\",\n \"CVE-2014-0907\",\n \"CVE-2014-0963\",\n \"CVE-2014-8910\",\n \"CVE-2015-0157\",\n \"CVE-2015-0197\",\n \"CVE-2015-0198\",\n \"CVE-2015-0199\",\n \"CVE-2015-1883\",\n \"CVE-2015-1922\",\n \"CVE-2015-1935\"\n );\n script_bugtraq_id(\n 65156,\n 67238,\n 67617,\n 73278,\n 73282,\n 73283,\n 75908,\n 75911\n );\n\n script_name(english:\"IBM DB2 9.8 <= Fix Pack 5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the 
installation of IBM DB2 running on the\nremote host is version 9.8 prior or equal to Fix Pack 5. It is,\ntherefore, affected by one or more of the following vulnerabilities :\n\n - An unspecified error exists in the GSKit component when\n initiating SSL/TLS connections due to improper handling\n of malformed X.509 certificate chains. A remote attacker\n can exploit this to cause a denial of service.\n (CVE-2013-6747)\n\n - Untrusted search path vulnerabilities exist in\n unspecified setuid and setgid programs that allow a\n local attacker to gain root privileges by using a\n trojan horse library. (CVE-2014-0907)\n\n - An unspecified error exists in the reverse proxy GSKit\n component that allows a remote attacker to exhaust CPU\n resources by using crafted SSL messages, resulting in a\n denial of service. (CVE-2014-0963)\n\n - An unspecified error exists during the handling of\n SELECT statements with XML/XSLT functions that allows a\n remote attacker to gain access to arbitrary files.\n (CVE-2014-8910)\n\n - A flaw exists in the LUW component when handling SQL\n statements with unspecified Scalar functions. A remote,\n authenticated attacker can exploit this to cause a\n denial of service. (CVE-2015-0157)\n\n - An unspecified flaw in the General Parallel File System\n (GPFS) allows a local attacker to gain root privileges.\n (CVE-2015-0197)\n\n - A flaw exists in the General Parallel File System\n (GPFS), related to certain cipherList configurations,\n that allows a remote attacker, using specially crafted\n data, to bypass authentication and execute arbitrary\n programs with root privileges. (CVE-2015-0198)\n\n - A denial of service vulnerability exists in the General\n Parallel File System (GPFS) that allows a local attacker\n to corrupt the kernel memory by sending crafted ioctl\n character device calls to the mmfslinux kernel module.\n (CVE-2015-0199)\n\n - An information disclosure vulnerability exists in the\n automated maintenance feature. 
An attacker with elevated\n privileges, by manipulating a stored procedure, can\n exploit this issue to disclose arbitrary files owned by\n the DB2 fenced ID on UNIX/Linux or the administrator on\n Windows. (CVE-2015-1883)\n\n - A flaw exists in the Data Movement feature when handling\n specially crafted queries. An authenticated, remote\n attacker can exploit this to delete database rows from a\n table without having the appropriate privileges.\n (CVE-2015-1922)\n\n - A flaw exists when handling SQL statements having\n unspecified LUW Scalar functions. An authenticated,\n remote attacker can exploit this to run arbitrary code,\n under the privileges of the DB2 instance owner, or to\n cause a denial of service. (CVE-2015-1935)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21672100\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21671732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21697987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21697988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21698308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21902662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21959650\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21902661\");\n script_set_attribute(attribute:\"solution\", value:\n\"Contact the vendor to obtain a special build with the interim fix.\n\nNote that the vendor has posted a workaround for the build error issue\n(CVE-2014-0907) involving the command 'sqllib/bin/db2chglibpath'.\nPlease consult the advisory for detailed 
instructions.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:db2\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"db2_das_detect.nasl\");\n script_require_ports(\"Services/db2das\", 523);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"db2_report_func.inc\");\n\nport = get_service(svc:\"db2das\", default:523, exit_on_fail:TRUE);\n\nlevel = get_kb_item_or_exit(\"DB2/\" + port + \"/Level\");\nif (level !~ \"^9\\.8\\.\") audit(AUDIT_NOT_LISTEN, \"DB2 9.8\", port);\n\nplatform = get_kb_item_or_exit(\"DB2/\"+port+\"/Platform\");\nplatform_name = get_kb_item(\"DB2/\"+port+\"/Platform_Name\");\nif (isnull(platform_name))\n{\n platform_name = platform;\n report_phrase = \"platform \" + platform;\n}\nelse\n report_phrase = platform_name;\n\n\nvuln = FALSE;\n# Note : DB2 9.8x is not available for Windows\nif (\n # Linux, 2.6 kernel 32/64-bit\n platform == 18 ||\n platform == 30 ||\n # AIX\n platform == 20\n)\n{\n fixed_level = '9.8.0.5';\n if (ver_compare(ver:level, fix:fixed_level) <= 0)\n vuln = TRUE;\n\n # If not paranoid and at 9.8.0.5 already,\n # do not report - we cannot tell if a special build is in place.\n if (level == fixed_level && report_paranoia < 2)\n exit(1, \"Nessus is unable to determine if the patch has been applied or not.\");\n}\nelse\n{\n info =\n 'Nessus does not support version checks against ' + report_phrase + '.\\n' +\n 'To help us better identify vulnerable versions, please send the platform\\n' +\n 'number along with details about the platform, including the operating system\\n' +\n 'version, CPU architecture, and DB2 version to db2-platform-info@nessus.org.\\n';\n exit(1, info);\n}\n\nif (vuln)\n{\n report_db2(\n severity : SECURITY_HOLE,\n port : port,\n platform_name : platform_name,\n installed_level : level,\n fixed_level : fixed_level);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"DB2\", port, level);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:36:18", "description": "The remote 
host appears to be running IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.3. It is, therefore, affected by the following vulnerabilities :\n\n - A flaw exists in the Elliptic Curve Digital Signature Algorithm implementation which could allow a malicious process to recover ECDSA nonces.\n (CVE-2014-0076, PI19700)\n\n - A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028)\n\n - A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information.\n (CVE-2014-3022, PI09594)\n\n - A flaw exists within the 'addFileRegistryAccount' Virtual Member Manager SPI Admin Task, which creates improper accounts. This could allow a remote attacker to bypass security checks. (CVE-2014-3070, PI16765)\n\n - An unspecified information disclosure flaw exists. This could allow a remote attacker access to gain sensitive information. (CVE-2014-3083, PI17768)\n\n - An information disclosure flaw exists within the 'share/classes/sun/security/rsa/RSACore.java' class related to 'RSA blinding' caused during operations using private keys and measuring timing differences. This could allow a remote attacker to gain information about used keys. 
(CVE-2014-4244)\n\n - A flaw exists within the 'validateDHPublicKey' function in the 'share/classes/sun/security/util/KeyUtil.java' class which is triggered during the validation of Diffie-Hellman public key parameters. This could allow a remote attacker to recover a key. (CVE-2014-4263)\n\n - A flaw exists within the Load Balancer for IPv4 Dispatcher component. This could allow a remote attacker to crash the Load Balancer. (CVE-2014-4764, PI21189)\n\n - A flaw exists within the Liberty Repository when installing features. This could allow an authenticated remote attacker to install and execute arbitrary code.\n (CVE-2014-4767, PI21284)", "cvss3": {}, "published": "2014-08-29T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022", "CVE-2014-3070", "CVE-2014-3083", "CVE-2014-4244", "CVE-2014-4263", "CVE-2014-4764", "CVE-2014-4767"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_8_5_5_3.NASL", "href": "https://www.tenable.com/plugins/nessus/77438", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77438);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-0076\",\n \"CVE-2014-0098\",\n \"CVE-2014-0963\",\n \"CVE-2014-0965\",\n 
\"CVE-2014-3022\",\n \"CVE-2014-3070\",\n \"CVE-2014-3083\",\n \"CVE-2014-4244\",\n \"CVE-2014-4263\",\n \"CVE-2014-4764\",\n \"CVE-2014-4767\"\n );\n script_bugtraq_id(\n 66303,\n 66363,\n 67238,\n 68210,\n 68211,\n 68624,\n 68636,\n 69296,\n 69297,\n 69298,\n 69301\n );\n\n script_name(english:\"IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple Vulnerabilities\");\n script_summary(english:\"Reads the version number from the SOAP port.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote application server may be affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host appears to be running IBM WebSphere Application Server\n8.5 prior to Fix Pack 8.5.5.3. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A flaw exists in the Elliptic Curve Digital Signature\n Algorithm implementation which could allow a malicious\n process to recover ECDSA nonces.\n (CVE-2014-0076, PI19700)\n\n - A denial of service flaw exists in the 'mod_log_config'\n when logging a cookie with an unassigned value. A remote\n attacker, using a specially crafted request, can cause\n the program to crash. (CVE-2014-0098, PI13028)\n\n - A denial of service flaw exists within the IBM Security\n Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially\n crafted TLS traffic, to cause the application on the\n system to become unresponsive. (CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP\n responses. This could allow a remote attacker to\n potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. 
A remote\n attacker, using a specially crafted URL, could gain\n access to potentially sensitive information.\n (CVE-2014-3022, PI09594)\n\n - A flaw exists within the 'addFileRegistryAccount'\n Virtual Member Manager SPI Admin Task, which creates\n improper accounts. This could allow a remote attacker\n to bypass security checks. (CVE-2014-3070, PI16765)\n\n - An unspecified information disclosure flaw exists. This\n could allow a remote attacker access to gain sensitive\n information. (CVE-2014-3083, PI17768)\n\n - An information disclosure flaw exists within the\n 'share/classes/sun/security/rsa/RSACore.java' class\n related to 'RSA blinding' caused during operations using\n private keys and measuring timing differences. This\n could allow a remote attacker to gain information about\n used keys. (CVE-2014-4244)\n\n - A flaw exists within the 'validateDHPublicKey' function\n in the 'share/classes/sun/security/util/KeyUtil.java'\n class which is triggered during the validation of\n Diffie-Hellman public key parameters. This could allow a\n remote attacker to recover a key. (CVE-2014-4263)\n\n - A flaw exists within the Load Balancer for IPv4\n Dispatcher component. This could allow a remote attacker\n to crash the Load Balancer. (CVE-2014-4764, PI21189)\n\n - A flaw exists within the Liberty Repository when\n installing features. 
This could allow an authenticated\n remote attacker to install and execute arbitrary code.\n (CVE-2014-4767, PI21284)\");\n # https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_potential_security_vulnerabilities_fixed_in_ibm_websphere_application_server_8_5_5_3?lang=en_us\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f6f4bc1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24038133\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg27036319#8553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21681249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21680418\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Fix Pack 8.5.5.3 for version 8.5 (8.5.0.0) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-4767\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 8880, 8881);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:8880, embedded:0);\n\nversion = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/version\");\nsource = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/source\");\n\nif (version !~ \"^8\\.5([^0-9]|$)\")\n audit(AUDIT_NOT_LISTEN, \"IBM WebSphere Application Server 8.5\", port);\n\nif (version =~ \"^[0-9]+(\\.[0-9]+)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"IBM WebSphere Application Server\", port, version);\n\nfixed = '8.5.5.3';\n\nif (ver_compare(ver:version, fix:fixed, strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"IBM WebSphere Application Server\", port, version);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:39:12", "description": "The remote host appears to be running IBM WebSphere Application Server 7.0 prior to 7.0.0.33. Such versions are potentially affected by multiple vulnerabilities :\n\n - A cross-site scripting (XSS) flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser/server trust relationship. (CVE-2013-6323, PI04777, PI04880)\n - A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. 
(CVE-2013-6329, PI05309)\n - A buffer overflow flaw exists in the HTTP server with the 'mod_dav' module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345)\n - An XSS flaw exists within 'OAuth' where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser/server trust relationship. (CVE-2013-6738, PI05661)\n - A denial of service (DoS) flaw exists within the Global Security Kit when handling the X.509 certificate chain during the initiation of an SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443)\n - A DoS flaw exists within the Apache Commons 'FileUpload' when parsing a content-type header for a multipart request. A remote attacker, using a specially crafted request, could crash the program. (CVE-2014-0050, PI12648, PI12926 and PI13162)\n - A DoS flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028)\n - A remote code execution flaw exists with Apache Struts. The failure to restrict setting of class loader attributes could allow a remote attacker to execute arbitrary script code. (CVE-2014-0114, PI17190)\n - An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding. This may allow a remote attacker to gain timing information intended to be protected by encryption. (CVE-2014-0453)\n - A flaw exists within 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks. (CVE-2014-0460)\n - A DoS flaw exists in a web server plugin on servers configured to retry failed POST requests. 
This could allow a remote attacker to crash the application. (CVE-2014-0859, PI08892)\n - A flaw exists with the 'IBMJCE' and 'IBMSecureRandom' cryptographic providers by generating numbers in a predictable manner. This could allow a remote attacker to easily guess the output of the random number generator. (CVE-2014-0878)\n - An information disclosure flaw exists within Proxy and ODR servers. This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786)\n - A DoS flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component. This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025)\n - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information. (CVE-2014-0965, PI11434)\n - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information. (CVE-2014-3022, PI09594)\n - An unspecified flaw exists that may allow an attacker to gain elevated privileges. 
No further details have been provided.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0114", "CVE-2013-6438", "CVE-2014-0098", "CVE-2014-0050", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0878", "CVE-2014-3022", "CVE-2014-0859", "CVE-2014-0891", "CVE-2014-0965", "CVE-2013-6738", "CVE-2013-6323", "CVE-2013-6329", "CVE-2014-0963", "CVE-2013-6747"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*"], "id": "9699.PRM", "href": "https://www.tenable.com/plugins/nnm/9699", "sourceData": "Binary data 9699.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:35:36", "description": "IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running on the remote host. It is, therefore, affected by the following vulnerabilities :\n\n - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship.\n (CVE-2013-6323, PI04777 and PI04880)\n\n - A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. (CVE-2013-6329, PI05309)\n\n - A buffer overflow flaw exists in the HTTP server with the mod_dav module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345)\n\n - A cross-site scripting flaw exists within OAuth where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. 
(CVE-2013-6738, PI05661)\n\n - A denial of service flaw exists within the Global Security Kit when handling the X.509 certificate chain during the initiation of an SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443)\n\n - A denial of service flaw exists within the Apache Commons FileUpload when parsing a content-type header for a multipart request. A remote attacker, using a specially crafted request, could crash the program.\n (CVE-2014-0050, PI12648, PI12926 and PI13162)\n\n - A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028)\n\n - A remote code execution flaw exists with Apache Struts.\n The failure to restrict setting of Class loader attributes could allow a remote attacker to execute arbitrary script code. (CVE-2014-0114, PI17190)\n\n - An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.\n This may allow a remote attacker to gain timing information intended to be protected by encryption.\n (CVE-2014-0453)\n\n - A flaw exists within 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks.\n (CVE-2014-0460)\n\n - A denial of service flaw exists in a web server plugin on servers configured to retry failed POST requests. This could allow a remote attacker to crash the application.\n (CVE-2014-0859, PI08892)\n\n - A flaw exists with the 'IBMJCE' and 'IBMSecureRandom' cryptographic providers by generating numbers in a predictable manner. This could allow a remote attacker to easily guess the output of the random number generator. (CVE-2014-0878)\n\n - An information disclosure flaw exists within Proxy and ODR servers. 
This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786)\n\n - A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. (CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information.\n (CVE-2014-3022, PI09594)", "cvss3": {}, "published": "2014-08-01T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6323", "CVE-2013-6329", "CVE-2013-6438", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0859", "CVE-2014-0878", "CVE-2014-0891", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_7_0_0_33.NASL", "href": "https://www.tenable.com/plugins/nessus/76967", "sourceData": "#\n# (C) Tenable Network Security, 
Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76967);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2013-6323\",\n \"CVE-2013-6329\",\n \"CVE-2013-6438\",\n \"CVE-2013-6738\",\n \"CVE-2013-6747\",\n \"CVE-2014-0050\",\n \"CVE-2014-0098\",\n \"CVE-2014-0114\",\n \"CVE-2014-0453\",\n \"CVE-2014-0460\",\n \"CVE-2014-0859\",\n \"CVE-2014-0878\",\n \"CVE-2014-0891\",\n \"CVE-2014-0963\",\n \"CVE-2014-0965\",\n \"CVE-2014-3022\"\n );\n script_bugtraq_id(\n 64249,\n 65156,\n 65400,\n 66303,\n 66914,\n 66916,\n 67051,\n 67121,\n 67238,\n 67335,\n 67579,\n 67601,\n 67720,\n 68210,\n 68211\n );\n\n script_name(english:\"IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities\");\n script_summary(english:\"Reads the version number from the SOAP port.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote application server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM WebSphere Application Server 7.0 prior to Fix Pack 33 is running\non the remote host. It is, therefore, affected by the following\nvulnerabilities :\n\n - A cross-site scripting flaw exists within the\n Administration Console, where user input is improperly\n validated. This could allow a remote attacker, with a\n specially crafted request, to execute arbitrary script\n code within the browser / server trust relationship.\n (CVE-2013-6323, PI04777 and PI04880)\n\n - A denial of service flaw exists within the Global\n Security Kit when handling SSLv2 resumption during the\n SSL/TLS handshake. This could allow a remote attacker\n to crash the program. (CVE-2013-6329, PI05309)\n\n - A buffer overflow flaw exists in the HTTP server with\n the mod_dav module when using add-ons. This could allow\n a remote attacker to cause a buffer overflow and a\n denial of service. 
(CVE-2013-6438, PI09345)\n\n - A cross-site scripting flaw exists within OAuth where\n user input is not properly validated. This could allow\n a remote attacker, with a specially crafted request, to\n execute arbitrary script code within the browser /\n server trust relationship. (CVE-2013-6738, PI05661)\n\n - A denial of service flaw exists within the Global\n Security Kit when handling the X.509 certificate chain\n during the initiation of an SSL/TLS connection. A remote\n attacker, using a malformed certificate chain, could\n cause the client or server to crash by hanging the\n Global Security Kit. (CVE-2013-6747, PI09443)\n\n - A denial of service flaw exists within the Apache\n Commons FileUpload when parsing a content-type header\n for a multipart request. A remote attacker, using a\n specially crafted request, could crash the program.\n (CVE-2014-0050, PI12648, PI12926 and PI13162)\n\n - A denial of service flaw exists in the 'mod_log_config'\n when logging a cookie with an unassigned value. A remote\n attacker, using a specially crafted request, can cause\n the program to crash. (CVE-2014-0098, PI13028)\n\n - A remote code execution flaw exists with Apache Struts.\n The failure to restrict setting of Class loader\n attributes could allow a remote attacker to\n execute arbitrary script code. (CVE-2014-0114, PI17190)\n\n - An information disclosure flaw exists in the\n 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.\n This may allow a remote attacker to gain timing\n information intended to be protected by encryption.\n (CVE-2014-0453)\n\n - A flaw exists within 'com.sun.jndi.dns.DnsClient'\n related to the randomization of query IDs. This could \n allow a remote attacker to conduct spoofing attacks.\n (CVE-2014-0460)\n\n - A denial of service flaw exists in a web server plugin\n on servers configured to retry failed POST requests. 
This\n could allow a remote attacker to crash the application.\n (CVE-2014-0859, PI08892)\n\n - A flaw exists with the 'IBMJCE' and 'IBMSecureRandom'\n cryptographic providers by generating numbers in a\n predictable manner. This could allow a remote attacker\n to easily guess the output of the random number\n generator. (CVE-2014-0878)\n\n - An information disclosure flaw exists within Proxy and\n ODR servers. This could allow a remote attacker, using a\n specially crafted request, to gain access to potentially\n sensitive information. (CVE-2014-0891, PI09786)\n\n - A denial of service flaw exists within the IBM Security\n Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially\n crafted TLS traffic, to cause the application on the\n system to become unresponsive. (CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP\n responses. This could allow a remote attacker to\n potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. 
A remote\n attacker, using a specially crafted URL, could gain\n access to potentially sensitive information.\n (CVE-2014-3022, PI09594)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21676091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21659548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21663941\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21667254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21667526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673013\");\n script_set_attribute(attribute:\"solution\", value:\n\"If using WebSphere Application Server, apply Fix Pack 33 (7.0.0.33) or\nlater.\n\nOtherwise, if using embedded WebSphere Application Server packaged\nwith Tivoli Directory Server, apply the latest recommended eWAS fix\npack.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0114\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Struts ClassLoader Manipulation Remote Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 
442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 8880, 8881);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:8880, embedded:0);\n\nversion = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/version\");\nif (version !~ \"^7\\.0([^0-9]|$)\") audit(AUDIT_NOT_LISTEN, \"IBM WebSphere Application Server 7.0\", port);\nif (version =~ \"^[0-9]+(\\.[0-9]+)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"IBM WebSphere Application Server\", port, version);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (ver[0] == 7 && ver[1] == 0 && ver[2] == 0 && ver[3] < 33)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n if (report_verbosity > 0)\n {\n source = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/source\");\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 7.0.0.33' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"IBM WebSphere Application 
Server\", port, version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T16:36:42", "description": "IBM WebSphere Application Server 8.0 prior to Fix Pack 9 is running on the remote host. It is, therefore, affected by the following vulnerabilities :\n\n - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship.\n (CVE-2013-6323, PI04777 and PI04880)\n\n - A denial of service flaw exists within the Global Security Kit when handling SSLv2 resumption during the SSL/TLS handshake. This could allow a remote attacker to crash the program. (CVE-2013-6329, PI05309)\n\n - A buffer overflow flaw exists in the HTTP server with the mod_dav module when using add-ons. This could allow a remote attacker to cause a buffer overflow and a denial of service. (CVE-2013-6438, PI09345)\n\n - A cross-site scripting flaw exists within OAuth where user input is not properly validated. This could allow a remote attacker, with a specially crafted request, to execute arbitrary script code within the browser / server trust relationship. (CVE-2013-6738, PI05661)\n\n - A denial of service flaw exists within the Global Security Kit when handling X.509 certificate chain during the initiation of a SSL/TLS connection. A remote attacker, using a malformed certificate chain, could cause the client or server to crash by hanging the Global Security Kit. (CVE-2013-6747, PI09443)\n\n - A denial of service flaw exists within the Apache Commons FileUpload when parsing a content-type header for a multipart request. 
A remote attacker, using a specially crafted request, could crash the program.\n (CVE-2014-0050, PI12648, PI12926 and PI13162)\n\n - A flaw exists in the Elliptic Curve Digital Signature Algorithm implementation which could allow a malicious process to recover ECDSA nonces.\n (CVE-2014-0076, PI19700)\n\n - A denial of service flaw exists in the 'mod_log_config' when logging a cookie with an unassigned value. A remote attacker, using a specially crafted request, can cause the program to crash. (CVE-2014-0098, PI13028)\n\n - An information disclosure flaw exists in the 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.\n This may allow a remote attacker to gain timing information intended to be protected by encryption.\n (CVE-2014-0453)\n\n - A flaw exists with 'com.sun.jndi.dns.DnsClient' related to the randomization of query IDs. This could allow a remote attacker to conduct spoofing attacks.\n (CVE-2014-0460)\n\n - A flaw exists in the Full and Liberty profiles. A remote attacker, using a specially crafted request, could gain access to arbitrary files. (CVE-2014-0823, PI05324)\n\n - An information disclosure flaw exists within the Administrative Console. This could allow a network attacker, using a specially crafted request, to gain privileged access. (CVE-2014-0857, PI07808)\n\n - A denial of service flaw exists in a web server plugin on servers configured to retry failed POST requests. This could allow a remote attacker to crash the application.\n (CVE-2014-0859, PI08892)\n\n - An information disclosure flaw exists within Proxy and ODR servers. This could allow a remote attacker, using a specially crafted request, to gain access to potentially sensitive information. (CVE-2014-0891, PI09786)\n\n - A denial of service flaw exists within the IBM Security Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially crafted TLS traffic, to cause the application on the system to become unresponsive. 
(CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP responses. This could allow a remote attacker to potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. A remote attacker, using a specially crafted URL, could gain access to potentially sensitive information.\n (CVE-2014-3022, PI09594)", "cvss3": {}, "published": "2014-08-04T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6323", "CVE-2013-6329", "CVE-2013-6438", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0823", "CVE-2014-0857", "CVE-2014-0859", "CVE-2014-0878", "CVE-2014-0891", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_8_0_0_9.NASL", "href": "https://www.tenable.com/plugins/nessus/76995", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76995);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2013-6323\",\n \"CVE-2013-6329\",\n \"CVE-2013-6438\",\n \"CVE-2013-6738\",\n \"CVE-2013-6747\",\n \"CVE-2014-0050\",\n \"CVE-2014-0076\",\n \"CVE-2014-0098\",\n \"CVE-2014-0453\",\n \"CVE-2014-0460\",\n \"CVE-2014-0823\",\n 
\"CVE-2014-0857\",\n \"CVE-2014-0859\",\n \"CVE-2014-0878\",\n \"CVE-2014-0891\",\n \"CVE-2014-0963\",\n \"CVE-2014-0965\",\n \"CVE-2014-3022\"\n );\n script_bugtraq_id(\n 64249,\n 65156,\n 65400,\n 66303,\n 66914,\n 66916,\n 67051,\n 67238,\n 67327,\n 67329,\n 67335,\n 67579,\n 67601,\n 67720,\n 68210,\n 68211\n );\n\n script_name(english:\"IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities\");\n script_summary(english:\"Reads the version number from the SOAP port.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote application server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"IBM WebSphere Application Server 8.0 prior to Fix Pack 9 is running on\nthe remote host. It is, therefore, affected by the following\nvulnerabilities :\n\n - A cross-site scripting flaw exists within the\n Administration Console, where user input is improperly\n validated. This could allow a remote attacker, with a\n specially crafted request, to execute arbitrary script\n code within the browser / server trust relationship.\n (CVE-2013-6323, PI04777 and PI04880)\n\n - A denial of service flaw exists within the Global\n Security Kit when handling SSLv2 resumption during the\n SSL/TLS handshake. This could allow a remote attacker\n to crash the program. (CVE-2013-6329, PI05309)\n\n - A buffer overflow flaw exists in the HTTP server with\n the mod_dav module when using add-ons. This could allow\n a remote attacker to cause a buffer overflow and a\n denial of service. (CVE-2013-6438, PI09345)\n\n - A cross-site scripting flaw exists within OAuth where\n user input is not properly validated. This could allow\n a remote attacker, with a specially crafted request, to\n execute arbitrary script code within the browser /\n server trust relationship. 
(CVE-2013-6738, PI05661)\n\n - A denial of service flaw exists within the Global\n Security Kit when handling X.509 certificate chain\n during the initiation of a SSL/TLS connection. A remote\n attacker, using a malformed certificate chain, could\n cause the client or server to crash by hanging the\n Global Security Kit. (CVE-2013-6747, PI09443)\n\n - A denial of service flaw exists within the Apache\n Commons FileUpload when parsing a content-type header\n for a multipart request. A remote attacker, using a\n specially crafted request, could crash the program.\n (CVE-2014-0050, PI12648, PI12926 and PI13162)\n\n - A flaw exists in the Elliptic Curve Digital Signature\n Algorithm implementation which could allow a malicious\n process to recover ECDSA nonces.\n (CVE-2014-0076, PI19700)\n\n - A denial of service flaw exists in the 'mod_log_config'\n when logging a cookie with an unassigned value. A remote\n attacker, using a specially crafted request, can cause\n the program to crash. (CVE-2014-0098, PI13028)\n\n - An information disclosure flaw exists in the\n 'sun.security.rsa.RSAPadding' with 'PKCS#1' unpadding.\n This may allow a remote attacker to gain timing\n information intended to be protected by encryption.\n (CVE-2014-0453)\n\n - A flaw exists with 'com.sun.jndi.dns.DnsClient' related\n to the randomization of query IDs. This could allow a\n remote attacker to conduct spoofing attacks.\n (CVE-2014-0460)\n\n - A flaw exists in the Full and Liberty profiles. A remote\n attacker, using a specially crafted request, could gain\n access to arbitrary files. (CVE-2014-0823, PI05324)\n\n - An information disclosure flaw exists within the\n Administrative Console. This could allow a network\n attacker, using a specially crafted request, to gain\n privileged access. (CVE-2014-0857, PI07808)\n\n - A denial of service flaw exists in a web server plugin\n on servers configured to retry failed POST requests. 
This\n could allow a remote attacker to crash the application.\n (CVE-2014-0859, PI08892)\n\n - An information disclosure flaw exists within Proxy and\n ODR servers. This could allow a remote attacker, using a\n specially crafted request, to gain access to potentially\n sensitive information. (CVE-2014-0891, PI09786)\n\n - A denial of service flaw exists within the IBM Security\n Access Manager for Web with the Reverse Proxy component.\n This could allow a remote attacker, using specially\n crafted TLS traffic, to cause the application on the\n system to become unresponsive. (CVE-2014-0963, PI17025)\n\n - An information disclosure flaw exists when handling SOAP\n responses. This could allow a remote attacker to\n potentially gain access to sensitive information.\n (CVE-2014-0965, PI11434)\n\n - An information disclosure flaw exists. A remote\n attacker, using a specially crafted URL, could gain\n access to potentially sensitive information.\n (CVE-2014-3022, PI09594)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21676092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21659548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21663941\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21667254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21667526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21672843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www-304.ibm.com/support/docview.wss?uid=swg21673013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Fix Pack 9 for version 8.0 (8.0.0.9) or later.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0050\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\");\n script_require_keys(\"www/WebSphere\");\n script_require_ports(\"Services/www\", 8880, 8881);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:8880, embedded:0);\n\nversion = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/version\");\nif (version !~ \"^8\\.0([^0-9]|$)\") audit(AUDIT_NOT_LISTEN, \"IBM WebSphere Application Server 8.0\", port);\nif (version =~ \"^[0-9]+(\\.[0-9]+)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"IBM WebSphere Application Server\", port, version);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (ver[0] == 8 && ver[1] == 0 && ver[2] == 0 && ver[3] < 9)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n source = get_kb_item_or_exit(\"www/WebSphere/\"+port+\"/source\");\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 8.0.0.9' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"IBM WebSphere Application Server\", port, version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-18T14:37:41", "description": "According to its version, the IBM Domino (formerly IBM Lotus Domino) application on the remote host is 9.x prior to 9.0.1 Fix Pack 2 (FP2).\nIt is, therefore, affected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS implementation and the IBM HTTP server that could allow certain error cases to cause 100% CPU utilization. 
Note that this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)", "cvss3": {}, "published": "2014-09-23T00:00:00", "type": "nessus", "title": "IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6629", "CVE-2013-6954", "CVE-2014-0429", "CVE-2014-0446", "CVE-2014-0448", "CVE-2014-0449", "CVE-2014-0451", "CVE-2014-0452", "CVE-2014-0453", "CVE-2014-0454", "CVE-2014-0455", "CVE-2014-0457", "CVE-2014-0458", "CVE-2014-0459", "CVE-2014-0460", "CVE-2014-0461", "CVE-2014-0963", "CVE-2014-1876", "CVE-2014-2398", "CVE-2014-2401", "CVE-2014-2402", "CVE-2014-2409", "CVE-2014-2412", "CVE-2014-2414", "CVE-2014-2420", "CVE-2014-2421", "CVE-2014-2423", "CVE-2014-2427", "CVE-2014-2428"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:domino"], "id": "DOMINO_9_0_1_FP2.NASL", "href": "https://www.tenable.com/plugins/nessus/77810", "sourceData": 
"#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77810);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2013-6629\",\n \"CVE-2013-6954\",\n \"CVE-2014-0429\",\n \"CVE-2014-0446\",\n \"CVE-2014-0448\",\n \"CVE-2014-0449\",\n \"CVE-2014-0451\",\n \"CVE-2014-0452\",\n \"CVE-2014-0453\",\n \"CVE-2014-0454\",\n \"CVE-2014-0455\",\n \"CVE-2014-0457\",\n \"CVE-2014-0458\",\n \"CVE-2014-0459\",\n \"CVE-2014-0460\",\n \"CVE-2014-0461\",\n \"CVE-2014-0963\",\n \"CVE-2014-1876\",\n \"CVE-2014-2398\",\n \"CVE-2014-2401\",\n \"CVE-2014-2402\",\n \"CVE-2014-2409\",\n \"CVE-2014-2412\",\n \"CVE-2014-2414\",\n \"CVE-2014-2420\",\n \"CVE-2014-2421\",\n \"CVE-2014-2423\",\n \"CVE-2014-2427\",\n \"CVE-2014-2428\"\n );\n script_bugtraq_id(\n 63676,\n 64493,\n 65568,\n 66856,\n 66866,\n 66870,\n 66873,\n 66879,\n 66881,\n 66883,\n 66887,\n 66891,\n 66894,\n 66898,\n 66899,\n 66902,\n 66903,\n 66904,\n 66905,\n 66907,\n 66909,\n 66910,\n 66911,\n 66914,\n 66915,\n 66916,\n 66919,\n 66920,\n 67238\n );\n\n script_name(english:\"IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has software installed that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the IBM Domino (formerly IBM Lotus Domino)\napplication on the remote host is 9.x prior to 9.0.1 Fix Pack 2 (FP2).\nIt is, therefore, affected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS\n implementation and the IBM HTTP server that could allow\n certain error cases to cause 100% CPU utilization. 
Note\n that this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included\n in the fixed IBM Java release, which is included in the\n fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429,\n CVE-2014-0446, CVE-2014-0448, CVE-2014-0449,\n CVE-2014-0451, CVE-2014-0452, CVE-2014-0453,\n CVE-2014-0454, CVE-2014-0455, CVE-2014-0457,\n CVE-2014-0458, CVE-2014-0459, CVE-2014-0460,\n CVE-2014-0461, CVE-2014-1876, CVE-2014-2398,\n CVE-2014-2401, CVE-2014-2402, CVE-2014-2409,\n CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,\n CVE-2014-2421, CVE-2014-2423, CVE-2014-2427,\n CVE-2014-2428)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21681114\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037141\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Domino 9.0.1 FP2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:domino\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n 
script_dependencies(\"domino_installed.nasl\");\n script_require_keys(\"Domino/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check the version of Domino installed.\napp_name = \"IBM Domino\";\nver = get_kb_item_or_exit(\"Domino/Version\");\nport = get_kb_item(\"Domino/Version_provided_by_port\");\nif (!port) port = 0;\nversion = NULL;\nfix = NULL;\nfix_ver = NULL;\nfix_pack = NULL;\nhotfix = NULL;\n\n# Ensure sufficient granularity.\nif (ver !~ \"^(\\d+\\.){1,}\\d+.*$\") audit(AUDIT_VER_NOT_GRANULAR, app_name, port, ver);\n\n# Only check for 9.0.x\nif (ver =~ \"^9\\.0($|[^0-9])\")\n{\n fix = \"9.0.1 FP2\";\n fix_ver = \"9.0.1\";\n fix_pack = 2;\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, ver);\n\n# Breakdown the version into components.\nversion = eregmatch(string:ver, pattern:\"^((?:\\d+\\.){1,}\\d+)(?: FP(\\d+))?$\");\nif (isnull(version)) audit(AUDIT_UNKNOWN_APP_VER, app_name);\n\n# Use 0 if no FP number. Version number itself was\n# checked for in the granularity check.\nif (!version[2]) version[2] = 0;\nelse version[2] = int(version[2]);\n\n# Compare current to fix and report as needed.\nif (\n ver_compare(ver:version[1], fix:fix_ver, strict:FALSE) < 1 &&\n version[2] < fix_pack\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n' +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port:port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, ver);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:37:42", "description": "The remote host has a version of IBM Notes (formerly Lotus Notes) 9.0.x prior to 9.0.1 Fix Pack 2 (FP2) installed. 
It is, therefore, affected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS implementation and the IBM HTTP server that could allow certain error cases to cause 100% CPU utilization. Note this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)", "cvss3": {}, "published": "2014-09-23T00:00:00", "type": "nessus", "title": "IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6629", "CVE-2013-6954", "CVE-2014-0429", "CVE-2014-0446", "CVE-2014-0448", "CVE-2014-0449", "CVE-2014-0451", "CVE-2014-0452", "CVE-2014-0453", "CVE-2014-0454", "CVE-2014-0455", "CVE-2014-0457", "CVE-2014-0458", "CVE-2014-0459", "CVE-2014-0460", "CVE-2014-0461", "CVE-2014-0963", "CVE-2014-1876", "CVE-2014-2398", "CVE-2014-2401", "CVE-2014-2402", "CVE-2014-2409", "CVE-2014-2412", "CVE-2014-2414", "CVE-2014-2420", "CVE-2014-2421", "CVE-2014-2423", 
"CVE-2014-2427", "CVE-2014-2428"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:ibm:notes"], "id": "IBM_NOTES_9_0_1_FP2.NASL", "href": "https://www.tenable.com/plugins/nessus/77812", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77812);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2013-6629\",\n \"CVE-2013-6954\",\n \"CVE-2014-0429\",\n \"CVE-2014-0446\",\n \"CVE-2014-0448\",\n \"CVE-2014-0449\",\n \"CVE-2014-0451\",\n \"CVE-2014-0452\",\n \"CVE-2014-0453\",\n \"CVE-2014-0454\",\n \"CVE-2014-0455\",\n \"CVE-2014-0457\",\n \"CVE-2014-0458\",\n \"CVE-2014-0459\",\n \"CVE-2014-0460\",\n \"CVE-2014-0461\",\n \"CVE-2014-0963\",\n \"CVE-2014-1876\",\n \"CVE-2014-2398\",\n \"CVE-2014-2401\",\n \"CVE-2014-2402\",\n \"CVE-2014-2409\",\n \"CVE-2014-2412\",\n \"CVE-2014-2414\",\n \"CVE-2014-2420\",\n \"CVE-2014-2421\",\n \"CVE-2014-2423\",\n \"CVE-2014-2427\",\n \"CVE-2014-2428\"\n );\n script_bugtraq_id(\n 63676,\n 64493,\n 65568,\n 66856,\n 66866,\n 66870,\n 66873,\n 66879,\n 66881,\n 66883,\n 66887,\n 66891,\n 66894,\n 66898,\n 66899,\n 66902,\n 66903,\n 66904,\n 66905,\n 66907,\n 66909,\n 66910,\n 66911,\n 66914,\n 66915,\n 66916,\n 66919,\n 66920,\n 67238\n );\n\n script_name(english:\"IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of IBM Notes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has software installed that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host has a version of IBM Notes (formerly Lotus Notes)\n9.0.x prior to 9.0.1 Fix Pack 2 (FP2) installed. 
It is, therefore,\naffected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS\n implementation and the IBM HTTP server that could allow\n certain error cases to cause 100% CPU utilization. Note\n this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included\n in the fixed IBM Java release, which is included in the\n fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429,\n CVE-2014-0446, CVE-2014-0448, CVE-2014-0449,\n CVE-2014-0451, CVE-2014-0452, CVE-2014-0453,\n CVE-2014-0454, CVE-2014-0455, CVE-2014-0457,\n CVE-2014-0458, CVE-2014-0459, CVE-2014-0460,\n CVE-2014-0461, CVE-2014-1876, CVE-2014-2398,\n CVE-2014-2401, CVE-2014-2402, CVE-2014-2409,\n CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,\n CVE-2014-2421, CVE-2014-2423, CVE-2014-2427,\n CVE-2014-2428)\");\n # Advisory\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21681114\");\n # 9.0.1 Fix Pack 2 downloads\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037141\");\n # PSIRT blog post\n # https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-notes-and-domino-multiple-vulnerabilities-in-ibm-java-oracle-april-2014-critical-patch-update-and-ibm-http-server-for-domino-cve-2014-0963/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb873351\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to IBM Notes 9.0.1 FP2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/15\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:notes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"lotus_notes_installed.nasl\");\n script_require_keys(\"installed_sw/IBM Notes\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = \"IBM Notes\";\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_kb_item('SMB/transport');\nif (isnull(port)) port = 445;\n\ninstall = get_single_install(app_name:appname);\n\nversion = install['version'];\npath = install['path'];\nver_ui = install['display_version'];\n\nfix = '9.0.12.14215';\n\nif (\n ver_ui =~ \"^9\\.0\\.[01]($|[^0-9])\" &&\n ver_compare(ver:version, fix:fix, strict:FALSE) == -1\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver_ui +\n '\\n Fixed version : 9.0.1 FP2 (' + fix + ')' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, ver_ui, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:37:56", "description": "The version of IBM Domino (formerly Lotus Domino) installed on the remote host is 9.0.x prior to 9.0.1 Fix Pack 2 (FP2). It is, therefore, affected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS implementation and the IBM HTTP server that could allow certain error cases to cause 100% CPU utilization. 
Note this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428)\n\n - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2014-09-23T00:00:00", "type": "nessus", "title": "IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", 
"baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6629", "CVE-2013-6954", "CVE-2014-0429", "CVE-2014-0446", "CVE-2014-0448", "CVE-2014-0449", "CVE-2014-0451", "CVE-2014-0452", "CVE-2014-0453", "CVE-2014-0454", "CVE-2014-0455", "CVE-2014-0457", "CVE-2014-0458", "CVE-2014-0459", "CVE-2014-0460", "CVE-2014-0461", "CVE-2014-0963", "CVE-2014-1876", "CVE-2014-2398", "CVE-2014-2401", "CVE-2014-2402", "CVE-2014-2409", "CVE-2014-2412", "CVE-2014-2414", "CVE-2014-2420", "CVE-2014-2421", "CVE-2014-2423", "CVE-2014-2427", "CVE-2014-2428", "CVE-2014-3566"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:ibm:domino"], "id": "IBM_DOMINO_9_0_1_FP2.NASL", "href": "https://www.tenable.com/plugins/nessus/77811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77811);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2013-6629\",\n \"CVE-2013-6954\",\n \"CVE-2014-0429\",\n \"CVE-2014-0446\",\n \"CVE-2014-0448\",\n \"CVE-2014-0449\",\n \"CVE-2014-0451\",\n \"CVE-2014-0452\",\n \"CVE-2014-0453\",\n \"CVE-2014-0454\",\n \"CVE-2014-0455\",\n \"CVE-2014-0457\",\n \"CVE-2014-0458\",\n \"CVE-2014-0459\",\n \"CVE-2014-0460\",\n \"CVE-2014-0461\",\n \"CVE-2014-0963\",\n \"CVE-2014-1876\",\n \"CVE-2014-2398\",\n \"CVE-2014-2401\",\n \"CVE-2014-2402\",\n \"CVE-2014-2409\",\n \"CVE-2014-2412\",\n \"CVE-2014-2414\",\n \"CVE-2014-2420\",\n \"CVE-2014-2421\",\n \"CVE-2014-2423\",\n \"CVE-2014-2427\",\n \"CVE-2014-2428\",\n \"CVE-2014-3566\"\n );\n script_bugtraq_id(\n 63676,\n 64493,\n 65568,\n 66856,\n 66866,\n 66870,\n 66873,\n 66879,\n 66881,\n 66883,\n 66887,\n 66891,\n 66894,\n 66898,\n 66899,\n 66902,\n 66903,\n 66904,\n 66905,\n 66907,\n 66909,\n 66910,\n 66911,\n 66914,\n 66915,\n 66916,\n 66919,\n 
66920,\n 67238,\n 70574\n );\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)\");\n script_summary(english:\"Checks the version of IBM Domino.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has software installed that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Domino (formerly Lotus Domino) installed on the\nremote host is 9.0.x prior to 9.0.1 Fix Pack 2 (FP2). It is,\ntherefore, affected by the following vulnerabilities :\n\n - An unspecified error exists related to the TLS\n implementation and the IBM HTTP server that could allow\n certain error cases to cause 100% CPU utilization. Note\n this issue only affects Microsoft Windows hosts.\n (CVE-2014-0963)\n\n - Fixes in the Oracle Java CPU for April 2014 are included\n in the fixed IBM Java release, which is included in the\n fixed IBM Domino release.\n (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429,\n CVE-2014-0446, CVE-2014-0448, CVE-2014-0449,\n CVE-2014-0451, CVE-2014-0452, CVE-2014-0453,\n CVE-2014-0454, CVE-2014-0455, CVE-2014-0457,\n CVE-2014-0458, CVE-2014-0459, CVE-2014-0460,\n CVE-2014-0461, CVE-2014-1876, CVE-2014-2398,\n CVE-2014-2401, CVE-2014-2402, CVE-2014-2409,\n CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,\n CVE-2014-2421, CVE-2014-2423, CVE-2014-2427,\n CVE-2014-2428)\n\n - A man-in-the-middle (MitM) information disclosure\n vulnerability, known as POODLE, exists due to the way\n SSL 3.0 handles padding bytes when decrypting messages\n encrypted using block ciphers in cipher block chaining\n (CBC) mode. 
A MitM attacker can decrypt a selected byte\n of a cipher text in as few as 256 tries if they are able\n to force a victim application to repeatedly send the\n same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\");\n # Advisory\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21681114\");\n # 9.0.1 Fix Pack 2 downloads\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg24037141\");\n # PSIRT blog post\n # https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-notes-and-domino-multiple-vulnerabilities-in-ibm-java-oracle-april-2014-critical-patch-update-and-ibm-http-server-for-domino-cve-2014-0963/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb873351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Domino version 9.0.1 FP2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:domino\");\n 
script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"lotus_domino_installed.nasl\");\n script_require_keys(\"installed_sw/IBM Domino\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = 'IBM Domino';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_kb_item('SMB/transport');\nif (isnull(port)) port = 445;\n\ninstall = get_single_install(app_name:appname);\ndomino_ver = install['version'];\npath = install['path'];\nif (!empty_or_null(install['Java Version']))\n java_ver = install['Java Version'];\nelse\n audit(AUDIT_VER_FAIL, \"jvm.dll\");\n\n# Fixed jvm.dll version\njava_fix = '2.4.2.65501';\ndomino_fix = '9.0.1 FP2';\n\n# Versions 9.0.x affected\nif (\n domino_ver =~ \"^9\\.0($|[^0-9])\" &&\n ver_compare(ver:java_ver, fix:java_fix, strict:FALSE) == -1\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Domino installed version : ' + domino_ver +\n '\\n JVM installed version : ' + java_ver +\n '\\n JVM fixed version : ' + java_fix + ' (included in Domino ' + domino_fix + ')' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"IBM Domino's Java Virtual Machine\", java_ver, path);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ibm": [{"lastseen": "2023-02-21T21:38:51", "description": "## Summary\n\nIBM Security Directory Server, formerly known as IBM Tivoli Directory Server, is affected by a problem that is related to the Secure Sockets Layer (SSL) implementation. 
Some conditions can cause the processor utilization to rapidly increase, resulting in a denial of service. \n\n## Vulnerability Details\n\nCVE ID: [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \nCVSS and DESCRIPTION: Please refer to the following link: \n \n[_IBM Security Directory Server CPU utilization (CVE-2014-0963)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21672724>)\n\n## Affected Products and Versions\n\nAIX 5.3, 6.1 and 7.1. \nVIOS 2.2.x\n\n## Remediation/Fixes\n\nThe GSKit package contains a fix and needs to be installed on AIX/VIOS systems. \n \nIf your GSKit is older than the corresponding levels that are in the following list, update your GSKit to the specified version, or later. To determine which version of the GSKit component is installed, enter the following command: \n**lslpp -l | grep -i gsk** \n \nThe fixes for the GSKit components can be downloaded at the following links: \n \nGSKit [V7.0.4.50](<http://www.ibm.com/support/docview.wss?uid=swg21672724>) \n \nGSKit [V8.0.14.43](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FTivoli&product=ibm/Tivoli/IBM+Global+Security+Kit&release=All&platform=All&function=fixId&fixids=8.0.14.43-ISS-GSKIT-AIX-FP0043&includeSupersedes=0>) \n \nGSKit [V8.0.50.20](<http://www.ibm.com/support/docview.wss?uid=swg21672724>) \n \nWhen you are using GSKitV8, your IBM Security Directory Server or IBM Tivoli Directory Server must be at version 6.3.0.26 or higher. This version avoids a compatibility issue between the IBM Security Directory Server component and the new GSKitV8 fix packs. Refer to the above mentioned link under \"CVSS and DESCRIPTIONS\". 
To determine the installed version of the IBM Security Directory Server, enter the following command: \n**lslpp -l | grep idsldap**\n\n## ", "cvss3": {}, "published": "2021-09-15T12:14:52", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Directory Server CPU utilization - shipped with AIX and VIOS (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2021-09-15T12:14:52", "id": "6DC5661D38511C86A87BF7CA7EAC62B30EF83CD0352CD32BE33C0F422A023D6D", "href": "https://www.ibm.com/support/pages/node/678969", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-13T17:45:43", "description": "## Summary\n\nIBM Tivoli Monitoring shared component is included as part of Tivoli Storage Productivity Center and System Storage Productivity Center. Information about security vulnerabilities affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin for vulnerability details: \n[Security Bulletin: IBM Tivoli Monitoring CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21673715>)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected IBM Tivoli Monitoring Version \n---|--- \nTivoli Storage Productivity Center 4.2.x \nTivoli Storage Productivity Center 5.1.x \nTivoli Storage Productivity Center 5.2.x \nSystem Storage Productivity Center| IBM Tivoli Monitoring 6.2.2 FP2 \nIBM Tivoli Monitoring 6.2.3 FP1 \nIBM Tivoli Monitoring 6.3.0 FP2 \nThe versions listed above apply to all licensed offerings of Tivoli Storage Productivity Center, including IBM SmartCloud Virtual Storage Center Storage Analytics Engine. \n\n## Remediation/Fixes\n\nPlease consult the security bulletin for vulnerability details: \n[Security Bulletin: IBM Tivoli Monitoring CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21673715>)\n\n## ", "cvss3": {}, "published": "2022-08-19T23:26:06", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in an IBM\u00ae Tivoli Monitoring shared component shipped with Tivoli Storage Productivity Center and System Storage Productivity Center (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2022-08-19T23:26:06", "id": "F799E6E0108D459EC3765384D2500A93725940F3C3A33723578D0DEDF5315C2E", "href": 
"https://www.ibm.com/support/pages/node/514239", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-08T23:46:35", "description": "## Abstract\n\nIBM support has released updated fixpacks to resolve CVE-2014-0963. Please install at your earliest convenience.\n\n## Content\n\nSecurity Bulletin: [IBM Tivoli Access Manager High CPU utilization](<http://www-01.ibm.com/support/docview.wss?uid=swg21672189>) (CVE-2014-0963) \n \nSecurity Bulletin: [IBM Security Access Manager for Web High CPU utilization](<http://www-01.ibm.com/support/docview.wss?uid=swg21672192>) (CVE-2014-0963)\n\n[{\"Product\":{\"code\":\"SSPREK\",\"label\":\"Tivoli Access Manager for e-business\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}] \n\n## Product Synonym\n\nITAM TAM SAM ISAM", "cvss3": {}, "published": "2018-06-16T21:17:34", "type": "ibm", "title": "IBM Security Access Manager High CPU utilization (CVE-2014-0963) Resolved", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:17:34", "id": "4E8B0B6352B919BE09B7FFD1B5AF3100B63E65C31BDAA29DCEA95DF4DD5D544E", "href": "https://www.ibm.com/support/pages/node/509117", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:44", 
"description": "## Summary\n\nThe IBM Tivoli Storage Manager (TSM) server and storage agent are affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n \n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nTSM server and storage agent are affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the Tivoli Storage Manager server and/or storage agent and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for Tivoli Storage Manager instances. 
\n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\n**IBM Tivoli Storage Manager server release levels:**\n\n\u00b7 7.1.0 (all servers and storage agents)\n\n\u00b7 6.3.0 through 6.3.4.30 (all servers)\n\n\u00b7 6.3.3 through 6.3.4.30 (all storage agents)\n\n\u00b7 6.2.0 through 6.2.6.0 (all servers)\n\n\u00b7 6.1.0 through 6.1.5.xxx (AIX and Windows servers only)\n\n\u00b7 5.5.0 through 5.5.7.xxx (AIX and Windows servers only)\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions included with the patch. \n \n\n\n_Product_| _APAR_| _Remediation/First Fix_ \n---|---|--- \nIBM Tivoli Storage Manager Server 7.1| IT02298| Please call IBM service, referencing APAR IT02298. \nIBM Service will provide GSKIT installation files and install instructions to install GSKIT 8.0.14.43 ( or higher ). \nA fix is also provided as part of level 7.1.1: \n<http://www.ibm.com/support/docview.wss?uid=swg24038353> \nNote: If your server or storage agent is on the HP-UX \nplatform, you should not call IBM service for GSKIT 8.0.14.43. \nYou should install 7.1.1 instead. \nIBM Tivoli Storage Manager Server 6.3| IT02298| Please call IBM service, referencing APAR IT02298. \nIBM Service will provide GSKIT installation files and install instructions to install GSKIT 8.0.14.43 ( or higher ). \nA fix is also provided as part of level 6.3.5: \n<http://www.ibm.com/support/docview.wss?uid=swg24038158> \nIBM Tivoli Storage Manager Server 6.2| IT02298| Please call IBM service, referencing APAR IT02298. \nIBM Service will provide GSKIT installation files and install instructions to install GSKIT 7.0.4.50 ( or higher ). \nA fix will also be provided as part of level 6.2.7. 
\nIBM Tivoli Storage Manager Server 6.1 and 5.5, on AIX and Windows only| \n| Please note that IBM has previously announced End of Support for these versions, effective April 30, 2014. \nIBM recommends using the Workaround specified below, or upgrading to a fixed, supported release. \n \n## Workarounds and Mitigations\n\n**Method One)** Monitor CPU utilization of your Tivoli Storage Manager server and/or storage agent instances. If utilization becomes abnormally high, stop and restart the affected instance. \n \n**Method Two)** Disable the use of TLS in Tivoli Storage Manager. To do this, perform the following for every Server or Storage agent instance in your environment: \n \n1\\. For every server, update the options file \n( server - dsmserv.opt or storage agent - dsmsta.opt ), by commenting out the options \nstatement \"SSLTCPPORT xxxx\" and \"SSLTCPADMINPORT xxxx\". \nCommenting out entails placing an asterisk at the beginning of the line \ncontaining \"SSLTCPPORT\" and/or \"SSLTCPADMINPORT\". \n2\\. Ensure that a TCPPORT or TCPADMINPORT options statement is in the options file and \nnot commented out. \n3\\. Update all server and storage agent definitions to use the TCP port rather than the SSL port \nin each server and storage agent. For storage agents, you can re-define the setup by using \nthe dsmsta setstorageserver command and not using the SSL=YES parameter. \n4\\. Update all client options files by commenting out the \"SSL YES\" option in their respective \ndsm.sys files and/or options files. Note: A new level of the client is _not_ required for this issue. \n5\\. Stop and re-start all storage agents and servers. 
Then, stop and start all clients and client \nschedulers that are using SSL as their communication methods.\n\n## ", "cvss3": {}, "published": "2018-06-17T14:41:46", "type": "ibm", "title": "Security Bulletin: TSM Server CPU Utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T14:41:46", "id": "3149BF808F24BE168103A60BB05892459AFC62AF6331A9076DA531DE383745FE", "href": "https://www.ibm.com/support/pages/node/512033", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:42", "description": "## Summary\n\nAn IBM Tivoli Monitoring shared component is included as part of Tivoli Network Manager IP Edition. Information about a security vulnerability affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin for vulnerability details: \n** **[**_http://www.ibm.com/support/docview.wss?uid=swg21673715_**](<http://www.ibm.com/support/docview.wss?uid=swg21673715>)\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| **Affected IBM Tivoli Monitoring Version** \n---|--- \n**Tivoli Network Manager IP Edition V3.8, V3.9, V4.1 and V4.1.1**| **All IBM Tivoli Monitoring versions.** \n \n## ", "cvss3": {}, "published": "2018-06-17T14:42:48", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in an IBM Tivoli Monitoring shared component shipped with Tivoli Network Manager IP Edition (CVE-2014-0963).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T14:42:48", "id": "27A61931C123D40E819AC5EAFFA112E3C765FD883016C8E4E13FD04E566E792C", "href": "https://www.ibm.com/support/pages/node/513409", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-06-28T22:04:20", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of WebSphere Dynamic Process Edition. 
Information about a security vulnerability, which affects IBM WebSphere Application Server, has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the [Security Bulletin: IBM HTTP Server CPU utilization (CVE-2014-0963) document](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for IBM WebSphere Application Server\n\n## Affected Products and Versions\n\nThe problem affects the IBM HTTP Server component in WebSphere Application Server that is bundled in WebSphere Dynamic Process Edition 7.0.x.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\nOff \n\n[_Complete CVSS Guide_](<http://www.first.org/cvss/cvss-guide.html>) \n[_WebSphere Application Server Security Bulletin_](<http://www.ibm.com/support/docview.wss?uid=swg21672843>)\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. 
Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Product\":{\"code\":\"SSBN76\",\"label\":\"WebSphere Dynamic Process Edition\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"WebSphere Process Server\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"7.0.1.1;7.0.1;7.0.0.3;7.0.0.2;7.0.0.1;7.0\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-15T07:00:18", "type": "ibm", "title": "Security Bulletin: Security vulnerability in IBM WebSphere Application Server, which is shipped with WebSphere Dynamic Process Edition: CPU Utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-15T07:00:18", "id": "9CFD66C757F340F0DC4D9FFB589E91D23CCED055E5F8D00713074F23B8B5B745", "href": "https://www.ibm.com/support/pages/node/510695", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:41", "description": "## Summary\n\nAn IBM Tivoli Monitoring shared component is included as part of IBM Application for Smart Business [IAMSB] / Tivoli Foundations Application Manager 
[TFAM]. Information about a security vulnerability affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the ITM Security bulletin for vulnerability details: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21673715>\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| **Affected IBM Tivoli Monitoring Version** \n---|--- \nTFAM 1.2.0 \nIAMSB 1.2.1| IBM Tivoli Monitoring version 6.2.2 FP9 \n \n## Remediation/Fixes\n\n \n**Prerequisite:** \n \nThis fix can be applied on top of IAMSB 1.2.1 FP4 only. \n \nPlease upgrade to IAMSB 1.2.1 FP4 before applying this fix. \nRefer to the URL below for upgrading to IAMSB 1.2.1 FP4 [_http://www-01.ibm.com/support/docview.wss?uid=swg21640752_](<http://www-01.ibm.com/support/docview.wss?uid=swg21640752>) \n \n**Installation Instructions** \n1\\. Back up the TFAM 1.2 /IAMSB 1.2.1 \n2\\. Close any open Lotus Foundations Web Console, TEP, TCR and Welcome Page windows. \n3\\. Create a temporary directory and make it the current directory. \n 1. `mkdir /home/tfam-appliance_patch/Files/56302`\n 2. `cd /home/tfam-appliance_patch/Files/56302`\n4\\. Download 6.2.2-TIV-ITM-FP0009-IV56302.tar from the URL mentioned in the ITM Security Bulletin and un-tar it. \n 1. `tar -xvf 6.2.2-TIV-ITM-FP0009-IV56302.tar`\n5\\. Enter the NVS via \"nvs\" command and select \"IBM Application Manager for Smart Business \" or \u201cIBM Tivoli Foundations Application Manager 1.2\u201d \n6\\. 
Switch to /opt/patch/56302/6.2.2-TIV-ITM-FP0009-IV56302 and follow the install instructions for Linux/Unix platform as mentioned in the file 6.2.2-TIV-ITM-FP0009-IV56302.README \n\n## ", "cvss3": {}, "published": "2018-06-17T14:44:06", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in an IBM Tivoli Monitoring shared component shipped with IBM Application for Smart Business [IAMSB] / Tivoli Foundations Application Manager [TFAM] (CVE-2014-0963).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T14:44:06", "id": "57298182288B8856B38AEB6CE7F130B359FB1B0048F435C69ED6C23F98B0E72D", "href": "https://www.ibm.com/support/pages/node/516023", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:58:37", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Business Services Fabric. Information about a security vulnerability, which affects IBM WebSphere Application Server, has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the [Security Bulletin: IBM HTTP Server CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) document for IBM WebSphere Application Server.\n\n## Affected Products and Versions\n\nThe problem affects the IBM HTTP Server component in IBM WebSphere Application Server that is bundled in WebSphere Process Business Services Fabric V7.0.x and WebSphere Process Business Services Fabric on z/OS V7.0.x. \n \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes are posted to this portal. 
Review the CVSS scores and apply all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:00:18", "type": "ibm", "title": "Security Bulletin: Security vulnerability in IBM WebSphere Application Server, which is shipped with IBM Business Services Fabric: CPU Utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-15T07:00:18", "id": "337A8252FA7D115C338D3084DC6165836F9EC38F2BD49BBF0E6F7C5CFFF36F85", "href": "https://www.ibm.com/support/pages/node/510689", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T22:05:25", "description": "## Summary\n\nIBM WebSphere Application Server Hypervisor Edition is shipped as a component of IBM Software Delivery and Lifecycle Patterns. 
Information about a security vulnerability in the IBM HTTP Server component of IBM WebSphere Application Server Hypervisor Edition has been published in a security bulletin.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \nReview security bulletin [1672843: IBM HTTP Server CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for vulnerability details. \n\n## Affected Products and Versions\n\nVersions 1.0 and 1.0.1 of IBM Software Delivery and Lifecycle Patterns are affected.\n\n## Remediation/Fixes\n\nUpdate to a newer version of IBM HTTP Server. \n \nApply the fixes listed in [security bulletin 1672843](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for your version of IBM WebSphere Application Server.\n\n## Workarounds and Mitigations\n\nMonitor CPU utilization of your WAS instances. If utilization becomes abnormally high, stop and restart the affected instance. 
Review [security bulletin 1672843](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for other workarounds.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n* 19 May 2014: Original Copy Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n[{\"Product\":{\"code\":\"SSUKF8\",\"label\":\"IBM Software Delivery and Lifecycle Patterns\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"General Information\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"1.0;1.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-17T04:54:25", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Hypervisor Edition shipped with IBM Software Delivery and Lifecycle Patterns", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2014-0963"], "modified": "2018-06-17T04:54:25", "id": "FFF6FFB88669682E0EC9B7E533971A1A23EBBC57F4C2306E9703170068CEC4EA", "href": "https://www.ibm.com/support/pages/node/510491", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:51:09", "description": "## Summary\n\nIBM Security Network Protection System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>)\n\n**DESCRIPTION:** IBM Security Network Protection System is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Security Network Protection System and other software running on the affected system.\n\n \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Security Network Protection System instances. 
\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\n**Products:** IBM Security Network Protection (XGS) models 3100, 4100, 5100 \n \n**Firmware versions**: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n\n\n * 5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0011 for IBM Security Network Protection products at version 5.1 \n[http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0011&continue=1](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0011&continue=1>)\n * 5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006 for IBM Security Network Protection products at version 5.1.1 \n[http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006&continue=1](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006&continue=1>)\n * 5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0007 for IBM Security Network Protection products at version 5.1.2 \n[http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0007&continue=1](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0007&continue=1>)\n * 5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0003 for IBM Security Network Protection products at version 5.1.2.1 \n[http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0003&continue=1](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0003&continue=1>)\n * 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0003 for IBM Security Network Protection products at version 5.2 \n[http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0003&continue=1](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0003&continue=1>)\n\n## ",
"cvss3": {}, "published": "2018-06-16T21:18:54", "type": "ibm", "title": "Security Bulletin: IBM Security Network Protection System CPU Utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:18:54", "id": "8FD051F955DA34B0ED86BB19DF9F210B1221FDE0963AE5B34A2B8D0F6F80B010", "href": "https://www.ibm.com/support/pages/node/246693", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:49:32", "description": "## Summary\n\nIBM HTTP Server is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability (CVE-2014-0963) affecting IBM HTTP Server has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nReview [_security bulletin 1672843_](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for IBM HTTP Server for vulnerability details. \n\n## Affected Products and Versions\n\nIBM Rational ClearQuest CM Server/CQWeb server component. \n \nVersions affected: 7.0.0.x, 7.0.1.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x. \n \nOther parts of IBM Rational ClearQuest are **not** affected.\n\n## Remediation/Fixes\n\nUpdate your CM Server/CQWeb server system to a newer version of IBM HTTP Server. \nApply the fixes listed in the security bulletin referenced above. \n\n**Affected Versions**| **Applying the fix** \n---|--- \n7.0.x| [_Document 1295608_](<http://www.ibm.com/support/docview.wss?uid=swg21295608>) explains how to update IBM HTTP Server in the RWP component of ClearQuest. Consult those instructions when applying the fix. \n7.1.0.x, 7.1.1.x, and 7.1.2.x| [_Document 1390803_](<http://www.ibm.com/support/docview.wss?uid=swg21390803>) explains how to update IBM HTTP Server for ClearQuest CM Servers at release 7.1.x. Consult those instructions when applying the fix. \n8.0.0.x, 8.0.1.x| Apply the IBM HTTP Server fix directly to your CMServer/CQWeb server host. No ClearQuest-specific steps are necessary. 
\n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:06", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearQuest", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T04:54:06", "id": "1D0192957F944C145D20B2F305B5A767136DD0EAB4CF6464CCE5632FC9F05E0F", "href": "https://www.ibm.com/support/pages/node/510423", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:52:25", "description": "## Summary\n\nIBM Security Directory Server is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** \n[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM Security Directory Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Security Directory Server and other software running on the affected system. 
\n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Security Directory Server instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nAll versions of IBM Security Directory Server (ISDS): 6.1.0, 6.2.0, 6.3.0, 6.3.1\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Please install the GSKit package included with the patch. \n \n\n\nAffected Version| GSKit Release| Fix \n---|---|--- \nISDS 6.1.0| 7.0.4.50| [_6.1.0.61-ISS-ITDS_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security+Systems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.61&platform=All&function=all>) \nISDS 6.2.0| 7.0.4.50| [_6.2.0.36-ISS-ITDS_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security+Systems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.36&platform=All&function=all>) \nISDS 6.3.0| 8.0.50.20| [_6.3.0.30-ISS-ITDS_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security+Systems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.30&platform=All&function=all>) \nISDS 6.3.1| 8.0.50.20| [_6.3.1.2-ISS-ISDS_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security+Systems&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.3.1.2&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nMonitor CPU utilization of your Program Name instances. 
If utilization becomes abnormally high, stop and restart the affected instance.\n\n## ", "cvss3": {}, "published": "2018-06-16T21:17:40", "type": "ibm", "title": "Security Bulletin: IBM Security Directory Server CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:17:40", "id": "06328F4C69F8C4130028C8D210DD30DFD1A6EBD09516664D42030A36665F14C0", "href": "https://www.ibm.com/support/pages/node/509553", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:52:25", "description": "## Summary\n\nIBM Security Network Protection System is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** \n[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM Security Network Protection System is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Security Network Protection System and other software running on the affected system. 
\n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Security Network Protection System instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\n**Products:** IBM Security Network Protection (XGS) models 3100, 4100, 5100 \n \n**Firmware versions**: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. 
\n \n5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network Protection products at version 5.1 \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1&platform=Windows&function=all>) \n \n5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0004 for IBM Security Network Protection products at version 5.1.1 \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.1&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.1&platform=Windows&function=all>) \n \n5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network Protection products at version 5.1.2 \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.2&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.2&platform=Windows&function=all>) \n \n5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network Protection products at version 5.1.2.1 \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.2&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.1.2&platform=Windows&function=all>) \n \n5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network Protection products at version 5.2 
\n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.2&platform=Windows&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Protection&release=5.2&platform=Windows&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-16T21:18:03", "type": "ibm", "title": "Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:18:03", "id": "EE37AC6B791EE142CDDEB3FD264ECF8AE2217EA375AF875221F39B0925A010AC", "href": "https://www.ibm.com/support/pages/node/512679", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:53:12", "description": "## Summary\n\nInformix Server is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nInformix Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. 
If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the Informix Server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for Informix Server instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nInformix Server 11.50, 11.70 and 12.10\n\n## Remediation/Fixes\n\n**Product**| **Remediation/First Fix** \n---|--- \nInformix Server 12.10| Upgrade to 12.10.xC4 or download and install GSKit (see next section) \nInformix Server 11.70| Upgrade to future release or download and install GSKit (see next section) \nInformix Server 11.50| Upgrade and install GSKit (see next section) \n \n**Upgrading GSKit**:\n\n 1. 
Download the appropriate GSKit using the following table:\n**Product**| **Required GSKit version**| **GSKit link** \n---|---|--- \nInformix Server 12.10 \n \nInformix Server 11.70 (all platforms other than HP-UX PA-RISC)| 8.0.50.20| AIX ([pSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_AIX_pSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_AIX_pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nHP-UX ([Itanium_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_HPUX_Itanium_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [Itanium_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_HPUX_Itanium_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nLinux ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-zSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-zSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nSolaris ([SPARC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_SPARC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [SPARC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_SPARC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nWindows 
([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_WIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_WIN_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nInformix Server 11.70 (HP-UX PA-RISC platforms only)| 7.0.4.50| HP-UX ([PA-RISC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nInformix Server 11.50| 7.0.4.50| AIX ([pSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_AIX_pSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_AIX_pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nHP-UX 
([Itanium_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_Itanium_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [Itanium_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_Itanium_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nLinux ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[zSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-zSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-zSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nSolaris ([SPARC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_SPARC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [SPARC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_SPARC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nWindows ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_WIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_WIN_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \n 2. Unix/Linux instructions:\n    1. Copy the downloaded tar file(s) to $INFORMIXDIR/gskit. Note: the old gskit .tar files must be removed or renamed to not end in .tar.\n    2. Bring the database server offline (e.g. onmode -ky).\n    3. Change to the GSKit directory (cd $INFORMIXDIR/gskit).\n    4. As root, run \"./installgskit\".\n    5. To verify the installation, run the appropriate command (i.e. gsk7ver, gsk7ver_64, gsk8ver or gsk8ver_64) for the GSKit you installed. The new version should be 7.0.4.50 or 8.0.50.20.\n 3. Windows GSKit version 7 x86_32 instructions:\n    1. Copy/download the gsk7d_7.0.4.50_win32.exe file to C:\\tmp.\n    2. Start the 'cmd' program.\n    3. Change to the C:\\tmp directory (cd c:\\tmp).\n    4. Run \"gsk7d_7.0.4.50_win32.exe /D tmp\". This will extract the files to the C:\\tmp\\tmp directory.\n    5. Change to the C:\\tmp\\tmp directory (cd C:\\tmp\\tmp).\n    6. Run \"setup GSK7BAS\". Accept all of the defaults.\n    7. To verify the installation, run gsk7ver. The new version should be 7.0.4.50.\n 4. Instructions for all other Windows versions:\n    1. Copy/download the appropriate file (gsk7d_7.0.4.50_win64.msi, gsk8ssl32.exe or gsk8ssl64.exe) to C:\\tmp.\n    2. Using Windows Explorer, double-click the downloaded file. This will start InstallShield. Accept all of the defaults.\n    3. To verify the installation, run the appropriate command (i.e. gsk7ver_64, gsk8ver or gsk8ver_64) for the GSKit you installed. The new version should be 7.0.4.50 or 8.0.50.20.\n\n## Workarounds and Mitigations\n\nMonitor CPU utilization of your Program Name instances. 
If utilization becomes abnormally high, stop and restart the affected instance.\n\n## ", "cvss3": {}, "published": "2018-06-16T14:12:00", "type": "ibm", "title": "Security Bulletin: IBM Informix Server CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T14:12:00", "id": "CA952453C57BB4B8439AB9B32CC6034F032C5A906021E2FAE1D91EAE2DB41672", "href": "https://www.ibm.com/support/pages/node/509873", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:53:50", "description": "## Summary\n\nIBM SPSS Modeler is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID**: [CVE-2014-0963](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION:** \nIBM SPSS Modeler Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM SPSS Modeler Server and other software running on the affected system. 
\n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM SPSS Modeler Server instances. \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n\n\n## Affected Products and Versions\n\nSPSS Modeler Server 16.0\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n\n\n * Apply [SPSS Modeler 16.0 Interim Fix 13](<http://www.ibm.com/support/docview.wss?uid=swg24037537>)\n\n## Workarounds and Mitigations\n\nMonitor CPU utilization of your Program Name instances. 
If utilization becomes abnormally high, stop and restart the affected instance.\n\n## ", "cvss3": {}, "published": "2018-06-16T13:18:34", "type": "ibm", "title": "Security Bulletin: IBM SPSS Modeler CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T13:18:34", "id": "7568FEAA9605EF2C9FAF96BEC99B76E9B83ECD7DD1DC58F9858E278BE45E512F", "href": "https://www.ibm.com/support/pages/node/510575", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:40:05", "description": "## Summary\n\nIBM HTTP Server is shipped as a component of IBM Performance Portal. 
Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM HTTP Server_](<http://www-01.ibm.com/support/docview.wss?uid=swg21672843>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nNetezza Performance Portal 2.1| IBM HTTP Server 8.5 \n \n## ", "cvss3": {}, "published": "2019-10-18T03:10:29", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Netezza Performance Portal (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0963"], "modified": "2019-10-18T03:10:29", "id": "6BF1CF55DE3BAE9236780CD0C796A5D908FBC6165AE3749D97657FE2D8F3E59E", "href": "https://www.ibm.com/support/pages/node/512699", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:58:30", "description": "## Summary\n\nIBM Tivoli Monitoring is shipped as a component of WebSphere Remote Server. 
Information about a security vulnerability affecting IBM Tivoli Monitoring has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the [**_IBM Tivoli Monitoring CPU utilization (CVE-2014-0963)_**](<http://www.ibm.com/support/docview.wss?uid=swg21673715>) document.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version(s) \n---|--- \nWebSphere Remote Server version 7.1, 7.1.1, 7.1.2, 8.5| IBM Tivoli Monitoring version: \n\n\u00b7 6.22 through fix pack 9 \n\u00b7 6.23 through fix pack 5 \n\u00b7 6.30 through fix pack 2 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:51", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM Tivoli Monitoring shipped with WebSphere Remote Server (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-15T07:00:51", "id": "EBBE77B3EA2E9CBF25053115271158E9E2469346FFF1558D81E3CC6781CA2B51", "href": "https://www.ibm.com/support/pages/node/513909", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:49:33", "description": "## Summary\n\nA vulnerability in IBM Rational RequisitePro in relation to TLS Record Processing has been discovered related to TLS 1.0 and later which can result in high CPU utilization that requires a system reboot to resolve. 
\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID: **[CVE-2014-0963](<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0963>) \n** \nDescription**: A vulnerability in relation to TLS Record Processing has been discovered related to TLS 1.0 and later which can result in high CPU utilization. \n\nRequisitePro uses GSKit when supporting SSL (https) connections.\n\n**Note:** this vulnerability affects RequisitePro **only** if your IBM HTTP server is configured to enable mod_reqtimeout. This is not the default configuration. If you do not use mod_reqtimeout, you are **not **vulnerable.\n\n \n**CVSS Base Score:** 7.1 \n**CVSS Temporal Score**: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n\n## Affected Products and Versions\n\nIBM Rational RequisitePro versions 7.1, 7.1.0.1 through 7.1.0.2, 7.1.1 through 7.1.1.9, 7.1.2 through** **7.1.2.13.01, 7.1.3 through 7.1.3.10.01, and 7.1.4 through 7.1.4.3.01\n\n## Remediation/Fixes\n\nInstall fixes to your IBM HTTP Server, if you use SSL. 
\n\nReview security bulletin [1672843: IBM HTTP Server CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for additional vulnerability details and fixes.\n\n**Affected Versions**\n\n| \n\n**Applying the fix** \n \n---|--- \n7.1, 7.1.0.x, 7.1.1.x and 7.1.2.x| [Document 1390803](<http://www.ibm.com/support/docview.wss?uid=swg21390803>) explains how to update IBM HTTP Server for IBM Rational ClearCase WAN servers at release 7.1.x; the same process applies for RequisitePro. Consult those instructions when applying the IHS interim fix or fix pack containing the fix, as listed in the security bulletin referenced above. \n7.1.3.x and 7.1.4.x| Upgrade IBM HTTP Server to a version including the fix, or install the IHS interim fix. Consult the security bulletin referenced above for the fixes relevant for your version of IHS. \n \n## Workarounds and Mitigations\n\nMonitor CPU utilization of your RequisitePro server instances. If utilization becomes abnormally high, stop and restart the affected instance. 
\n\nFollow the guidance in [security bulletin 1672843](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) to change your configuration of IHS to avoid the problem.\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:06", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in RequisitePro GSKit Component (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T04:54:06", "id": "418155E625950ED93200858561739BA8D180B35EDD681078311AE7088DA4B4F8", "href": "https://www.ibm.com/support/pages/node/510297", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:36:01", "description": "## Summary\n\nIBM HTTP Server is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. \n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM HTTP Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. 
This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM HTTP Server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM HTTP Server instances, or monitor the mod_mpmstats output written to the ErrorLog. \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nThis problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5.5 \n\u00b7 Version 8.5 \n\u00b7 Version 7.0 \n\u00b7 Version 6.1 \n\u00b7 Version 6.0\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the interim fix, Fix Pack or PTF containing APAR PI17025 for each named product as soon as practical. \n\n**For affected IBM HTTP Server for WebSphere Application Server:**\n\n**For V8.5.0.0 through 8.5.5.2 Full Profile:**\n\n\u00b7 Apply Interim Fix [PI17025](<http://www-01.ibm.com/support/docview.wss?uid=swg24037517>)\n\n\\--OR-- \n\n \n\u00b7 Apply Fix Pack 8.5.5.3 or later. \n\n**For V8.0 through 8.0.0.8:**\n\n \n\u00b7 Apply Interim Fix [PI17025](<http://www-01.ibm.com/support/docview.wss?uid=swg24037517>)\n\n\\--OR-- \n\n \n\u00b7 Apply Fix Pack 8.0.0.9 or later. \n\n \n**For V7.0.0.0 through 7.0.0.31:**\n\n \n\u00b7 Apply Interim Fix [PI17025](<http://www-01.ibm.com/support/docview.wss?uid=swg24037517>)\n\n\\--OR-- \n\n \n\u00b7 Apply Fix Pack 7.0.0.33 or later. 
\n\n**For V6.1.0.0 through 6.1.0.47:**\n\n \n\u00b7 Apply Interim Fix [PI17025](<http://www-01.ibm.com/support/docview.wss?uid=swg24037517>)\n\n**For V6.0.0.0 through 6.0.2.43:**\n\n \n\u00b7 Apply Interim Fix [PI17025](<http://www-01.ibm.com/support/docview.wss?uid=swg24037517>)\n\n## Workarounds and Mitigations\n\nUse any of these workarounds: \n\n * For Any Release:\n * Disable _mod_reqtimeout_ by commenting out both the line beginning with \u201cLoadModule reqtimeout_module...\u201d in httpd.conf and any line beginning with \u201cRequestReadTimeout\u201d. Note: This is not intuitive, but CVE-2014-0963 does not manifest in IBM HTTP Server without mod_reqtimeout also loaded.\n * Configure very short thresholds with mod_reqtimeout, which shortens the amount of time a thread can be tied up by CVE-2014-0963. See the RequestReadTimeout directive.\n * Monitor CPU utilization of your IBM HTTP Server instances. If utilization becomes abnormally high, stop and restart the affected instance.\n * Monitor mod_mpmstats output for unusual build-up of threads with active module \u201cmod_ibm_ssl\u201d.\n\n## ", "cvss3": {}, "published": "2022-09-08T00:26:26", "type": "ibm", "title": "Security Bulletin: IBM HTTP Server CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2022-09-08T00:26:26", "id": "30328151913370B14415B4B74B6C2990524CAA3213129496E6025C73FB2831D6", "href": "https://www.ibm.com/support/pages/node/509677", "cvss": {"score": 7.1, "vector": 
"AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:53:10", "description": "## Summary\n\nInformix Client SDK is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nInformix Client SDK is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the Informix Client SDK and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for Informix Client SDK instances. 
\n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nCSDK 3.50, 3.70 and 4.10\n\n## Remediation/Fixes\n\nProduct\n\n| Remediation/First Fix \n---|--- \nInformix Client SDK 4.10| Upgrade to 4.10.xC4 or download and install GSKit (see next section) \nInformix Client SDK 3.70| Upgrade to 3.70.xC9 or download and install GSKit (see next section) \nInformix Client SDK 3.50| Upgrade and install GSKit (see next section) \n \n**Upgrading GSKit**:\n\n 1. Download the appropriate GSKit using the following table:\n**Product**| **Required GSKit version**| **GSKit link** \n---|---|--- \nInformix Client SDK 4.10 \n \nInformix Client SDK 3.70 (all platforms other than HP-UX PA-RISC)| 8.0.50.20| AIX ([pSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_AIX_pSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_AIX_pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nHP-UX ([Itanium_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_HPUX_Itanium_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[Itanium_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_HPUX_Itanium_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nLinux ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-zSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_LIN-zSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nSolaris ([SPARC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_SPARC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[SPARC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_SPARC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_SOL_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nWindows ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_WIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_8.0.50.20_WIN_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nInformix Client SDK 3.70 (HP-UX PA-RISC platforms only)| 7.0.4.50| HP-UX ([PA-RISC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nInformix 
Client SDK 3.50| 7.0.4.50| AIX ([pSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_AIX_pSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_AIX_pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nHP-UX ([Itanium_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_Itanium_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [Itanium_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_Itanium_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [PA-RISC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_HPUX_PARISC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nLinux ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [pSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-pSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-zSeries_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [zSeries_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_LIN-zSeries_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nSolaris ([SPARC_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_SPARC_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [SPARC_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_SPARC_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), 
[x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_SOL_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \nWindows ([x86_32](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_WIN_x86_32_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>), [x86_64](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/Informix+Client+Software+Development+Kit&function=fixId&fixids=IFX_GSKIT_7.0.4.50_WIN_x86_64_IFix&includeRequisites=0&includeSupersedes=0&downloadMethod=ddp&source=fc>)) \n 2. Unix/Linux instructions:\n 1. Copy the downloaded tar file(s) to $INFORMIXDIR/gskit. Note: the old gskit .tar files must be removed or renamed to not end in .tar.\n 2. Bring the database server offline (e.g. onmode -ky).\n 3. Change to the GSKit directory (cd $INFORMIXDIR/gskit).\n 4. As root, run \"./installgskit\".\n 5. To verify the installation, run the appropriate command (i.e. gsk7ver, gsk7ver_64, gsk8ver or gsk8ver_64) for the GSKit you installed. The new version should be 7.0.4.50 or 8.0.50.20.\n 3. Windows GSKit version 7 x86_32 instructions:\n 1. Copy/download the gsk7d_7.0.4.50_win32.exe file to C:\\tmp.\n 2. Start the 'cmd' program.\n 3. Change to the C:\\tmp directory (cd c:\\tmp).\n 4. Run \"gsk7d_7.0.4.50_win32.exe /D tmp\". This will extract the files to the C:\\tmp\\tmp directory.\n 5. Change to the C:\\tmp\\tmp directory (cd C:\\tmp\\tmp).\n 6. Run \"setup GSK7BAS\". Accept all of the defaults.\n 7. To verify the installation, run gsk7ver. The new version should be 7.0.4.50.\n 4. All other Windows versions instructions:\n 1. 
Copy/download the appropriate file (gsk7d_7.0.4.50_win64.msi, gsk8ssl32.exe or gsk8ssl64.exe) to C:\\tmp.\n 2. Using Windows Explorer, double click on the downloaded file. This will start Install Shield. Accept all of the defaults.\n 3. To verify the installation, run the appropriate command (i.e. gsk7ver_64, gsk8ver or gsk8ver_64) for the GSKit you installed. The new version should be 7.0.4.50 or 8.0.50.20.\n\n## Workarounds and Mitigations\n\nMonitor CPU utilization of your Program Name instances. If utilization becomes abnormally high, stop and restart the affected instance.\n\n## ", "cvss3": {}, "published": "2018-06-16T14:12:00", "type": "ibm", "title": "Security Bulletin: IBM Informix Client SDK CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T14:12:00", "id": "D41A274FB8E036C84F3198A8146D83F552A48326E0818A0061DBF4E80789BCD0", "href": "https://www.ibm.com/support/pages/node/509887", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:38:24", "description": "## Summary\n\nIBM Rational Developer for System z is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this 
link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**Description: **Rational Developer for System z is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case. If this error case happens multiple times, an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the Rational Developer for System z and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for Rational Developer for System z instances. \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n\n## Affected Products and Versions\n\nRational Developer for System z Version 9.0.1.1, 9.0.1.1 ifix 1, 9.0.1.2\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. \n \nFollow the installation instructions in the README files included with the patch. 
\n \nThe fix can be obtained at the following location: [Rational Developer for System z 9.0.1.0, All platforms](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Developer+for+System+z&release=9.0.1.0&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nMonitor CPU utilization of your Program Name instances. If utilization becomes abnormally high, stop and restart the affected instance.\n\n## ", "cvss3": {}, "published": "2020-10-27T15:51:50", "type": "ibm", "title": "Security Bulletin: Rational Developer for System z CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2020-10-27T15:51:50", "id": "23A6064A27BE5DEB6EE870F43DFEDD399070EF9E26A0CC5394D3C1D22CE03B5D", "href": "https://www.ibm.com/support/pages/node/510141", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:41", "description": "## Summary\n\nAn IBM Tivoli Monitoring shared component is included as part of Tivoli Netcool/OMNIbus. Information about a security vulnerability affecting an IBM Tivoli Monitoring shared component has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin for vulnerability details: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \n**Security Bulletin: IBM Tivoli Monitoring CPU utilization (CVE-2014-0963)**\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected IBM Tivoli Monitoring Version \n---|--- \nThe KNO Agent component of Tivoli Netcool/OMNIbus versions 7.3.0, 7.3.1, 7.4.0, and 8.1| IBM Tivoli Monitoring version \n\u00b7 IBM Tivoli Monitoring version 6.22 through 6.22 FP9 \n\u00b7 IBM Tivoli Monitoring version 6.23 through 6.23 FP5 \n\u00b7 IBM Tivoli Monitoring version 6.30 through 6.30 FP2 \n \n## ", "cvss3": {}, "published": "2018-06-17T14:43:49", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in an IBM Tivoli Monitoring shared component shipped with Tivoli Netcool/OMNIbus (CVE-2014-0963).", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-17T14:43:49", "id": "89606CB9BAE9B108FF51E5EA45712D05273B7EFD73D6E324B14E0C2CD5D7A9D8", "href": "https://www.ibm.com/support/pages/node/515181", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:35:16", "description": "## Summary\n\nIBM HTTP Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo 
for Oil and Gas and Maximo for Utilities), Tivoli Asset Management for IT, Tivoli Service Request Manager, Change and Configuration Management Database, and SmartCloud Control Desk, Intelligent Building Management, or TRIRIGA for Energy Optimization. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM HTTP Server CPU utilization (CVE-2014-0963)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21672843>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nMaximo Asset Management, Maximo Industry Solutions, Tivoli Asset Management for IT, Tivoli Service Request Manager, and Tivoli Change and Configuration Management Database 7.1 and 7.2| IBM HTTP Server 6.1 \nMaximo Asset Management, Maximo Industry Solutions, and SmartCloud Control Desk 7.5| IBM HTTP Server 7.0 \nIntelligent Building Management 1.1 and TRIRIGA for Energy Optimization 1.1| IBM HTTP Server 7.0 \n \n## ", "cvss3": {}, "published": "2022-09-22T03:02:31", "type": "ibm", "title": "Security Bulletin: A Security Vulnerability Has Been Identified in IBM HTTP Server Shipped With Asset and Service Management (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2022-09-22T03:02:31", "id": "BCDD7F4DD9394B30CE89ECD8DF9B6981141B586EDAEAB6739431597AE6922C8D", "href": 
"https://www.ibm.com/support/pages/node/512501", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:35:13", "description": "## Summary\n\nIBM Tivoli Monitoring is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities), SmartCloud Control Desk, Intelligent Building Management, and TRIRIGA for Energy Optimization. Information about a security vulnerability affecting IBM Tivoli Monitoring has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM Tivoli Monitoring CPU utilization (CVE-2014-0963)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21673715>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nMaximo Asset Management, Maximo Industry Solutions, and SmartCloud Control Desk 7.5| IBM Tivoli Monitoring 6.2.2 FP 2 \nIntelligent Building Management 1.1 and TRIRIGA for Energy Optimization 1.1| IBM Tivoli Monitoring 6.2.2 FP 2 \n \n## ", "cvss3": {}, "published": "2022-09-22T03:02:31", "type": "ibm", "title": "Security Bulletin: A Security Vulnerability Has Been Identified in IBM Tivoli Monitoring Shipped with Asset and Service Management (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2014-0963"], "modified": "2022-09-22T03:02:31", "id": "86FD24BEECC6A3212BD5650D8D371F59ACC613E17C0D66E2E30788BCD20A1A37", "href": "https://www.ibm.com/support/pages/node/512571", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:35:51", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Business Process Manager. Information about a security vulnerability, which affects IBM WebSphere Application Server, has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the [Security Bulletin: IBM HTTP Server CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) document for IBM WebSphere Application Server.\n\n## Affected Products and Versions\n\nThe following products are affected: \n\n * WebSphere Process Server V6.1.2.x, 6.2.x, 7.0.x\n * WebSphere Process Server for z/OS 6.2.x, 7.0.x\n * WebSphere Lombardi Edition 7.2.x\n * WebSphere Process Server Hypervisor Edition for Red Hat Enterprise Linux Server for x86 (32-bit) 7.0.x\n * WebSphere Process Server Hypervisor Edition for Novell SUSE Linux Enterprise Server for x86 (32-bit) 6.2.x, 7.0.x\n * WebSphere Process Server Hypervisor Edition for Novell SUSE Linux Enterprise Server for System z 6.2.x, 7.0.x\n * IBM Business Process Manager Standard V7.5.x, 8.0.x, 8.5.x\n * IBM Business Process Manager Express V7.5.x, 8.0.x, 8.5.x\n * IBM Business Process Manager Advanced V7.5.x, 8.0.x, 8.5.x\n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [System z Security web site](<http://www.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes are posted to this portal. 
Review the CVSS scores and apply all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {}, "published": "2022-09-15T18:56:48", "type": "ibm", "title": "Security Bulletin: Security vulnerability in IBM WebSphere Application Server, which is shipped with IBM Business Process Manager (BPM): CPU Utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2022-09-15T18:56:48", "id": "706D99B639D7E81DE32939C6E38CFFF8B3EE3C64791BE8296A7D64F4752EC724", "href": "https://www.ibm.com/support/pages/node/510683", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:38:41", "description": "## Summary\n\nIBM Sterling Connect:Direct for Microsoft Windows is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase\n\n## Vulnerability Details\n\nIBM Sterling Connect:Direct for Microsoft Windows is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. 
This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Sterling Connect:Direct for Microsoft Windows and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Sterling Connect:Direct for Microsoft Windows instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct for Microsoft Windows 4.7.0.0 \n \nNo other version of IBM Sterling Connect:Direct for Microsoft Windows is affected\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. 
\n \n\n\n_Version_| _APAR_| _Remediation/First Fix_ \n---|---|--- \n4.7.0.0| IT01934| Upgrade to or install directly from 4.7.0.1, available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+Microsoft+Windows&release=4.7.0.1&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0963"], "modified": "2020-07-24T22:19:08", "id": "5E0DE285D2E6D01FF0231DFA20BECAC2CBCFA060DDEAD7E3A080B416A2FC0E24", "href": "https://www.ibm.com/support/pages/node/510827", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:38:40", "description": "## Summary\n\nIBM Sterling Connect:Direct for Microsoft Windows is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM Sterling Connect:Direct for Microsoft Windows is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Sterling Connect:Direct for Microsoft Windows and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. 
This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Sterling Connect:Direct for Microsoft Windows instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct for Microsoft Windows 4.7.0.0 \n \nNo other version of IBM Sterling Connect:Direct for Microsoft Windows is affected\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \n\n\n_Version_| _APAR_| _Remediation/First Fix_ \n---|---|--- \n4.7.0.0| IT01934| Upgrade to or install directly from 4.7.0.1, available on Fix Central. 
\n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: \tIBM Sterling Connect:Direct for Microsoft Windows CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2020-07-24T22:19:08", "id": "89B79E0FDFFD6E25CBB86E30650219E38ADBDF5AD329BA0714EB365F1D1C347A", "href": "https://www.ibm.com/support/pages/node/512125", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:38:40", "description": "## Summary\n\nIBM Sterling Connect:Direct for UNIX is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\nIBM Sterling Connect:Direct for UNIX is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Sterling Connect:Direct for UNIX and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. 
This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Sterling Connect:Direct for UNIX instances. \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct for UNIX 4.2.0.0 \n \nNo other version of IBM Sterling Connect:Direct for UNIX is affected\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \n\n\n_Version_| _APAR_| _Remediation/First Fix_ \n---|---|--- \n4.2.0.0| IT01935| Upgrade to or install directly from 4.2.0.1, available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.2.0.1&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-07-24T22:19:08", "type": "ibm", "title": "Security Bulletin: IBM Sterling Connect:Direct for UNIX CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0963"], "modified": "2020-07-24T22:19:08", "id": "D4E019B35B04626AD073710FFADD8B8C514E51E50A3B78AB1C6FE1F304B4ED1C", "href": "https://www.ibm.com/support/pages/node/510823", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:52:25", "description": "## Summary\n\nThe Reverse Proxy component in all versions of IBM Security Access Manager for Web is affected by a problem in which, under very specific conditions, CPU 
utilization can rapidly increase and not decrease. This issue is related to the SSL implementation in IBM Security Access Manager (ISAM) for Web. \n\n## Vulnerability Details\n\n**CVE ID:** \n[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nThe Reverse Proxy component in all versions of IBM Security Access Manager for Web is affected by a problem with the handling of certain SSL messages. The TLS implementation in a component of the Reverse Proxy can, under very specific conditions, cause CPU utilization to rapidly increase and not decrease. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This could ultimately result in CPU exhaustion and unresponsiveness of IBM Security Access Manager for Web and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization of your ISAM for Web instances. \n \n \n**CVSS:** \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\n * All versions of IBM Security Access Manager for Web, both software and appliance: 7.0, 8.0\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. 
 \n \n\n\nAffected Version| Build| APAR| Download URL \n---|---|---|--- \nISAM for Web 7.0| 7006| IV59660| [_7.0.0-ISS-SAM-IF0006_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nISAM for Web 8.0| 80032| IV59660| [_8.0.0.3-ISS-WGA-IF0002_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0.0.1&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\n**Methods for ISAM for Web 7.0 software version** \n \n**Method One**: Monitor CPU utilization of your WebSEAL instances. If utilization becomes abnormally high, stop and restart the affected instance. \n \n**Method Two:** Enable SSLv3 and disable all versions of TLS used by WebSEAL. To do this, perform these steps for every WebSEAL instance in your environment: \n\n 1. In the [ssl] stanza of the WebSEAL instance configuration file, enable SSLv3 by setting the following parameter: \n` \ndisable-ssl-v3 = no \n`\n 2. In the [ssl] stanza of the WebSEAL instance configuration file, disable all versions of TLS by setting every parameter that starts with \"`disable-tls`\" to \"`yes`\"\n 3. Restart the WebSEAL instance.\n \n \n**Methods for all ISAM for Web appliance versions** \n \n**Method One**: Monitor CPU utilization of your ISAM for Web appliance. From the Monitor main menu item, select System Graphs | CPU. If utilization becomes abnormally high, stop and restart all Reverse Proxy instances. \n \n**Method Two:** Enable SSLv3 and disable all versions of TLS used by each Reverse Proxy instance. To do this, perform these steps for every Reverse Proxy instance in your environment: \n\n 1. In the [ssl] stanza of the Reverse Proxy instance configuration file, enable SSLv3 by setting the following parameter: \n` \ndisable-ssl-v3 = no \n`\n 2. 
In the [ssl] stanza of the Reverse Proxy configuration file, disable all versions of TLS by setting every parameter that starts with \"`disable-tls`\" to \"`yes`\"\n 3. Save your changes and deploy.\n\n## ", "cvss3": {}, "published": "2018-06-16T21:17:33", "type": "ibm", "title": "Security Bulletin: IBM Security Access Manager for Web High CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:17:33", "id": "143FDE48A248732C78C331DB08BC1A07CACD4B3165CAE418C0AD1069DD79126E", "href": "https://www.ibm.com/support/pages/node/509039", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:52:28", "description": "## Summary\n\nThe WebSEAL component in all versions of Tivoli Access Manager for e-business is affected by a problem in which, under very specific conditions, CPU utilization can rapidly increase and not decrease. This issue is related to the SSL implementation in WebSEAL.\n\n## Vulnerability Details\n\n**CVE ID:** \n[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nThe WebSEAL component in all versions of Tivoli Access Manager for e-business is affected by a problem with the handling of certain SSL messages. The TLS implementation in a component of WebSEAL can, under very specific conditions, cause CPU utilization to rapidly increase and not decrease. The situation occurs only in a certain error case that causes a single thread to begin looping. 
If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This could ultimately result in CPU exhaustion and unresponsiveness of Access Manager and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization of your WebSEAL instances. \n \n**CVSS:** \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92844> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\n * All versions of Tivoli Access Manager (TAM) for e-business: 5.1, 6.0, 6.1, 6.1.1\n\n## Remediation/Fixes\n\nIBM has provided updates containing the fix. Affected systems should be patched immediately. Patches and installation instructions are provided at the URLs listed below. \n \n\n\nAffected Version| APAR| Fix \n---|---|--- \nTAM for e-business 6.0| IV59660| [_6.0.0-ISS-TAM-IF0033_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.0.0.28&platform=All&function=all>) \nTAM for e-business 6.1| IV59660| [_6.1.0-ISS-TAM-IF0014_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.0.8&platform=All&function=all>) \nTAM for e-business 6.1.1| IV59660| [_6.1.1-ISS-TAM-IF0010_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.1.8&platform=All&function=all>) \n \nVersion 5.1 is no longer supported. 
IBM recommends upgrading to a fixed, supported version of the product. \n\n## Workarounds and Mitigations\n\nThere are two methods to mitigate impacts. \n \n**Method One**: Monitor CPU utilization of your WebSEAL instances. If utilization becomes abnormally high, stop and restart the affected instances. \n \n**Method Two:** Enable SSLv3 and disable all versions of TLS used by WebSEAL. To do this, perform these steps for every WebSEAL instance in your environment: \n\n 1. In the [ssl] stanza of the WebSEAL instance configuration file, enable SSLv3 by setting the following parameter: \n` \ndisable-ssl-v3 = no \n`\n 2. In the [ssl] stanza of the WebSEAL instance configuration file, disable all versions of TLS by setting every parameter that starts with \"`disable-tls`\" to \"`yes`\"\n 3. Restart the WebSEAL instance.\n\n## ", "cvss3": {}, "published": "2018-06-16T21:17:33", "type": "ibm", "title": "Security Bulletin: IBM Tivoli Access Manager High CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-06-16T21:17:33", "id": "1BBD7BDA5254DBD99182C6A60B282A627222D1ED2CB8C286505617DEA692FCB9", "href": "https://www.ibm.com/support/pages/node/509035", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:41:52", "description": "## Summary\n\nIBM HTTP Server is shipped as a component of IBM Rational ClearCase. 
Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \nReview security bulletin [1672843: IBM HTTP Server CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21672843>) for vulnerability details. \n\n## Affected Products and Versions\n\nIBM Rational ClearCase, CM Server/CCRC WAN server component (not other parts of IBM Rational ClearCase). \n\n \nVersions affected: 7.0.0.x, 7.0.1.x, 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x. \n\n## Remediation/Fixes\n\nUpdate your CM Server/CCRC WAN server system to a newer version of IBM HTTP Server. \n\nApply the fixes listed in [security bulletin 1672843](<http://www.ibm.com/support/docview.wss?uid=swg21672843>).\n\n \n \n\n\n**Affected Versions**\n\n| \n\n** Applying the fix** \n \n---|--- \n7.0.0.x, 7.0.1.x| [Document 1295608](<http://www.ibm.com/support/docview.wss?uid=swg21295608>) explains how to update IBM HTTP Server in the RWP component of ClearCase. Consult those instructions when applying the fix. \n7.1.0.x, 7.1.1.x, and 7.1.2.x| [Document 1390803](<http://www.ibm.com/support/docview.wss?uid=swg21390803>) explains how to update IBM HTTP Server for ClearCase CM Servers at release 7.1.x. Consult those instructions when applying the fix. \n8.0.0.x, 8.0.1.x| Apply the IBM HTTP Server fix directly to your CCRC WAN server host. No ClearCase-specific steps are necessary. 
\n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2018-07-10T08:34:12", "id": "DE8E86BC121D7A4C7B99E8BF726A95D2B7D6B4EFDA35DBDAC109B16EF297ED0A", "href": "https://www.ibm.com/support/pages/node/508747", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-12-30T21:51:47", "description": "## Abstract\n\nIBM DB2 is shipped as a component of Tivoli Workload Scheduler. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.\n\n## Content\n\n**Vulnerability Details** \nPlease consult the security bulletin [_IBM\u00ae DB2\u00ae is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details. 
\n \n**Affected Products and Versions** \n \nPlease verify the version of DB2 that is running in your TWS environment and refer to the list below and the DB2 bulletin \n<http://www-01.ibm.com/support/docview.wss?uid=swg21671732> \n \n\n\nPrincipal Product and Version(s)| Affected Supporting Product and Version \n---|--- \nTWS 8.4.0 \nTWS 8.5.0 \nTWS 8.5.1 \nTWS 8.6.0 \nTWS 9.1.0 \nTWS 9.2.0| IBM DB2 Enterprise Server Edition 9.1 \nIBM DB2 Enterprise Server Edition 9.1 and 9.5 \nIBM DB2 Enterprise Server Edition 9.5 and 9.7 \nIBM DB2 Enterprise Server Edition 9.1, 9.5, 9.7 and 10.1 \nIBM DB2 Enterprise Server Edition 9.7 and 10.1 \nIBM DB2 Enterprise Server Edition 10.1 and 10.5 \n \n \n \n**Related Information** \n[_IBM Secure Engineering Web Portal _](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>)\n\n## Related Information \n\n[DB2 security bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21671732>)\n\n[{\"Product\":{\"code\":\"SSGSPN\",\"label\":\"IBM Workload Scheduler\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"DB2\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"8.4;8.5;8.5.1;8.6;9.1;9.2\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2018-06-17T14:41:46", "type": "ibm", "title": "Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with Tivoli Workload Scheduler (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T14:41:46", "id": "2B629176BB4AEE8CDCF80BE876B782F40389368FB1959C70B4F373548092644B", "href": "https://www.ibm.com/support/pages/node/511951", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:46:44", "description": "## Summary\n\nIBM DB2 is shipped as a component of Tivoli Network Manager. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nAffected Product and Version(s)\n\n| Product and Version shipped as a component \n---|--- \nTivoli Network Manager 3.8| IBM DB2 Workgroup Server Edition Version 9.5 \nIBM DB2 Enterprise Server Edition Version 9.5 \nTivoli Network Manager 3.9| IBM DB2 Workgroup Server Edition Version 9.7 \nIBM DB2 Enterprise Server Edition Version 9.7 \nTivoli Network Manager 4.1| IBM DB2 Workgroup Server Edition Version 10.1 \n \n## ", "cvss3": {}, "published": "2018-06-17T14:41:30", "type": "ibm", "title": "Security Bulletin:Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with Tivoli Network Manager (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T14:41:30", "id": "82E90B0B0E258061F33C25F0A8B03BCB3FF054B97C919652DD66BD8655F7659C", "href": "https://www.ibm.com/support/pages/node/511323", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-13T17:45:40", "description": "## Summary\n\nIBM DB2 is shipped as a component of Tivoli Storage 
Productivity Center and System Storage Productivity Center. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nAffected Product and Version(s)\n\n| Product and Version shipped as a component \n---|--- \nTivoli Storage Productivity Center 4.x \nTivoli Storage Productivity Center 5.1.x \nTivoli Storage Productivity Center 5.2.x \nSystem Storage Productivity Center| IBM DB2 Enterprise Server Edition V9.1 \nIBM DB2 Enterprise Server Edition V9.5 \nIBM DB2 Enterprise Server Edition V9.7 \nIBM DB2 Enterprise Server Edition V10.1 \nThe versions listed above apply to all licensed offerings of Tivoli Storage Productivity Center, including IBM SmartCloud Virtual Storage Center Storage Analytics Engine. \n\n## ", "cvss3": {}, "published": "2022-08-19T23:26:06", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with Tivoli Storage Productivity Center and System Storage Productivity Center (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2022-08-19T23:26:06", "id": "FDEADD41402A59676F1925CFC9BB1FAC1F74D1189B9D81613FCE71C87F52CFD9", "href": "https://www.ibm.com/support/pages/node/510485", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:58:33", "description": "## Summary\n\nIBM DB2 is shipped as a component of WebSphere Enterprise Service Bus Registry Edition. 
Information about security vulnerabilities that affect IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin [IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\n**Affected product and version**| **Product and version shipped as a component** \n---|--- \nWebSphere Enterprise Service Bus v7.0| IBM DB2 Universal Database Version 9.7 \nIBM DB2 Restricted Enterprise Server Edition 9.5 \nWebSphere Enterprise Service Bus v7.5| IBM DB2 Universal Database Version 9.7 \nIBM DB2 Restricted Enterprise Server Edition 9.7 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:25", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Enterprise Service Bus Registry Edition (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-15T07:00:25", "id": "8502A903342FDB1916D6CAB2FC6A1D67BCC841AD550ABA638ED7DD351B9616E5", "href": "https://www.ibm.com/support/pages/node/511735", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:35:06", "description": "## Summary\n\nIBM DB2 is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for 
Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities), Tivoli Asset Management for IT, Tivoli Service Request Manager, Change and Configuration Management Database, and SmartCloud Control Desk, Intelligent Building Management, or TRIRIGA for Energy Optimization. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM\u00ae DB2\u00ae is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nMaximo Asset Management, Maximo Industry Solutions, Tivoli Asset Management for IT, Tivoli Service Request Manager, and Tivoli Change and Configuration Management Database 7.1 and 7.2| DB2 Enterprise Server Edition 9.1 and \nDB2 Enterprise Server Edition 9.5 \nMaximo Asset Management, Maximo Industry Solutions, and SmartCloud Control Desk 7.5| DB2 Enterprise Server Edition 9.7 and \nDB2 Enterprise Server Edition 10.5 \nIntelligent Building Management 1.1 and TRIRIGA for Energy Optimization 1.1| DB2 Enterprise Server Edition 9.7 \n \n## ", "cvss3": {}, "published": "2022-09-22T03:02:31", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with Asset and Service Management (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2022-09-22T03:02:31", "id": "B34D4783D2ECDACCB8C002E3246039DCC0A188A6E13F0E4A763BB57EEFB98FA4", "href": "https://www.ibm.com/support/pages/node/511741", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:49:34", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM Rational ClearQuest (CQ). Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \nReview security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details. \n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**\n\n| **DB2 Version shipped as a component ** \n---|--- \nRational ClearQuest 8.0.1.x| DB2 10.1 Enterprise Server or \nDB2 9.7 Enterprise Server \nRational ClearQuest 8.0.0.x| DB2 9.7 Enterprise Server or \nDB2 9.7 Workgroup Server \nRational ClearQuest 7.1.2.x| DB2 9.7 Enterprise Server or \nDB2 9.7 Workgroup Server \nRational ClearQuest 7.1.1.x| DB2 9.5 Workgroup Server \nRational ClearQuest 7.1.0.x| DB2 9.5 Enterprise Server \n \n**Note:** Review_ _[**Licensing agreements for Rational supplied DB2 database software**](<http://www-01.ibm.com/support/docview.wss?uid=swg21216800>)_ _for more information about the DB2 versions bundled with CQ versions. 
\n\n## Remediation/Fixes\n\nReview the **Remediation/Fixes** section of security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for a solution.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:19", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with Rational ClearQuest (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T04:54:19", "id": "818FDB8F463682E340D527E560C09F09B6D231182F68DAA0BDD2F2797033B12C", "href": "https://www.ibm.com/support/pages/node/510893", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:49:31", "description": "## Summary\n\nIBM DB2 Hypervisor Edition is shipped as a component of IBM Software Delivery and Lifecycle Patterns. Information about a security vulnerability in IBM DB2 Hypervisor Edition has been published in a security bulletin.\n\n## Vulnerability Details\n\nReview [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**| **Product and Version shipped as a component** \n---|--- \nIBM Software Delivery and Lifecycle Patterns v1.0 and v1.0.1| DB2 Enterprise Server Edition 9.7.0.8 \n \n## Remediation/Fixes\n\nReview the **Remediation/Fixes** section in [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for the correct fixes for your version of DB2.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:25", "type": "ibm", "title": "Security Bulletin: 
A security vulnerability has been identified in IBM DB2 Hypervisor Edition shipped with IBM Software Delivery and Lifecycle Patterns", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T04:54:25", "id": "D1FCE94AFD53F438933CF6467EAC1EB1FB8EB13AF5759CB2140C08E246184D54", "href": "https://www.ibm.com/support/pages/node/510493", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:49:30", "description": "## Summary\n\nIBM DB2 is shipped as a component of Rational Insight. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nReview [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www-01.ibm.com/support/docview.wss?uid=swg21671732>) for the vulnerability details. 
\n\n## Affected Products and Versions\n\nRational Insight 1.0, 1.0.0.1, 1.0.0.2, 1.0.1, 1.0.1 iFix1, 1.0.1.1, 1.1, 1.1.1, 1.1.1.1, 1.1.1.2 and 1.1.1.3\n\n## Remediation/Fixes\n\nReview the **Remediation/Fixes** section in [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www-01.ibm.com/support/docview.wss?uid=swg21671732>) to obtain the proper fix for your version of DB2.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:38", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with Rational Insight (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T04:54:38", "id": "C5D36F4BC6BA92774F49A51F529A4464D6C55183E7C4248AFBD69E9905356626", "href": "https://www.ibm.com/support/pages/node/511459", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:49:32", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM Rational Asset Manager. 
Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\nReview [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details. \n\n## Affected Products and Versions\n\n**Product and Version(s)**| **Affected Supporting Product and Version** \n---|--- \nRational Asset Manager V7.5.2, V7.5.1, V7.5, V7.2, V7.1.1, V7.1| IBM DB2 Data Server Trial Versions 9.5, 9.7, 9.8, 10.1, 10.5 \n \n## Remediation/Fixes\n\nReview the **Remediation/Fixes** section in [Security Bulletin: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for the location of DB2 fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T04:54:38", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with IBM Rational Asset Manager (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T04:54:38", "id": "05EAF05B06C98649D8F16E01A68FB0454B724EEB4EDC49CA996B84F305238D5B", "href": "https://www.ibm.com/support/pages/node/511467", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:58:33", "description": "## Summary\n\nIBM DB2 is shipped as a component of WebSphere Dynamic Process Edition. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. \n\n## Vulnerability Details\n\nConsult the [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) security bulletin for vulnerability details.\n\n## Affected Products and Versions\n\n**Affected product and version**\n\n| **Product and version shipped as a component** \n---|--- \nWebSphere Dynamic Process Edition 7.0.x| IBM DB2 Enterprise Server Edition V9.5 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:25", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Dynamic Process Edition (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-15T07:00:25", "id": "3BC513A04E20BADD7A8C69207ACE4AFA4A32A70CA0B3843D6A831AF4486BA81A", "href": "https://www.ibm.com/support/pages/node/511513", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:58:32", "description": "## Summary\n\nIBM DB2 is shipped as a component of WebSphere Enterprise Service Bus. 
Information about security vulnerabilities that affect IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin [IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\n**Affected product and version**| **Product and version shipped as a component** \n---|--- \nWebSphere Enterprise Service Bus v6.2| IBM DB2 Restricted Enterprise Server Edition 9.5 \nWebSphere Enterprise Service Bus v7.0| IBM DB2 Restricted Enterprise Server Edition 9.5 \nWebSphere Enterprise Service Bus v7.5| IBM DB2 Enterprise Server Edition 9.7 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:25", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Enterprise Service Bus (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-15T07:00:25", "id": "EDB4320F651EB3467E340311504DF85E798692ABA8ECF0CF2E6825340D64AD79", "href": "https://www.ibm.com/support/pages/node/511737", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:43:46", "description": "## Summary\n\nIBM DB2 is shipped as a component of SmartCloud Cost Management (SCCM/TUAM). 
Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM\u00ae DB2\u00ae is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nSmartCloud Cost Management 2.1, TUAM 7.3| IBM DB2 RTC 9.1, 9.5, 9.7 \n \n## ", "cvss3": {}, "published": "2018-06-17T22:29:57", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with SmartCloud Cost Management (SCCM/TUAM) (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T22:29:57", "id": "9F80E10C3AC4ADC787F2BACC8C7AFFB2D2CCA77EEAFC0204E3F3013C6B11CA32", "href": "https://www.ibm.com/support/pages/node/513369", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:53:17", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM InfoSphere Information Server and IBM InfoSphere Data Click. 
Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nAffected Product and Version(s)| Product and Version shipped as a component \n---|--- \nIBM InfoSphere Information Server versions 8.0, 8.1, 8.5, 8.7 and 9.1.| IBM DB2 Enterprise Server Edition V9.1, V9.5, V9.7, V10.1 \nIBM InfoSphere Data Click version 10.0 on Linux.| IBM DB2 Workgroup Server Edition V10.5 \n \n## ", "cvss3": {}, "published": "2018-06-16T14:07:01", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with IBM InfoSphere Information Server and IBM InfoSphere DataClick (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-16T14:07:01", "id": "32B9AE37DE5DD0D1916B8E9F13719C5945A8459CEAA3CF57630C04383368551B", "href": "https://www.ibm.com/support/pages/node/511019", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:43:37", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM SmartCloud Orchestrator. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nReview the [IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) security bulletin for vulnerability details and fixes.\n\n## Affected Products and Versions\n\nIBM SmartCloud Orchestrator version 2.2 and 2.3. Both IBM SmartCloud Orchestrator versions use DB2 Enterprise Server Edition 10.1. 
\n\nFor IBM SmartCloud Orchestrator 2.2, you need to upgrade to DB2 Enterprise Server Edition 10.1.3 before installing the fix\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T22:30:49", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2, which shipped with IBM SmartCloud Orchestrator (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T22:30:49", "id": "366528920AB08CD4C3342302F9E32351ECF43EDEBAD1ECB41D64BE8D3D3C78F5", "href": "https://www.ibm.com/support/pages/node/513121", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:58:30", "description": "## Summary\n\nIBM DB2 is shipped as a component of WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nFor vulnerability details, see the [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) document.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nWebSphere Remote Server 6.1, 6.2, 6.2.1, 7.0, 7.1, 7.1.1, 7.1.2, 8.5| IBM DB2 Workgroup Server Edition \n9.1, 9.5, 9.7, 10.1 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:49", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote server (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-15T07:00:49", "id": "692FCB29AD5F41230C6C6CC2A19174CC371C1D7648585DB8E6D0B990AAC48F4A", "href": "https://www.ibm.com/support/pages/node/513841", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T21:36:40", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM System Networking Element Manager. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM\u00ae DB2\u00ae is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM System Networking Element Manager, versions 6.1, 6.1.1, and 6.1.2| IBM System Networking Element Manager is packaged as a virtual machine. It uses the Redhat Enterprise Linux 5.0 for x86, 32-bit operating system and uses IBM DB2 Workgroup Server Edition 9.7. Please use the fix pack for: Linux 32-bit, x86-32 on AMD and Intel\u00ae \n \n## ", "cvss3": {}, "published": "2022-08-20T00:54:31", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with IBM System Networking Element Manager (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2022-08-20T00:54:31", "id": "2850463C45D90C3D9D097616076C0D9D18A9A20F76719D7B7364C08698764B98", "href": "https://www.ibm.com/support/pages/node/679067", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:52:59", "description": "## Summary\n\nIBM WebSphere Transformation Extender Secure Adapter Collection product is affected by two issues: one related to the TLS implementation which, under very specific 
conditions, can cause CPU utilization to rapidly increase, the other related to an insecure Elliptic Curve Digital Signature Algorithm.\n\n## Vulnerability Details\n\n \n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n**Description:** Multiple IBM products are affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the products and other software running on the affected system. \n**CVSS Base Score:** 7.1 \n**CVSS Temporal Score:** See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n**Workarounds and Mitigations:** \n \n**Method One)** Monitor CPU utilization of IBM WebSphere Transformation Extender Launcher Agent instances. If utilization becomes abnormally high, stop and restart the affected instance. \n \n**Method Two)** Configure WTX Launcher Agent to use the legacy security protocol, which does not use GSKit. To do this, perform the following for every WTX instance in your environment: \n1\\. Rename m4gskssl.dll or m4gskssl.so to a different extension (e.g. .dll_disable for Windows, .so_disable for UNIX). The older security protocol stack, as implemented by mercssl.dll or mercssl.so, will then be automatically used. \n2\\. 
In the [SSL_SERVER] section of the dtx.ini configuration file, set \nsecure_mode=0 \nIf secure_mode is set to a value other than zero, then WTX will fail all secure communications, since mercssl module does not implement NIST compliance. \n \n\n\n* * *\n\n \n**CVE ID: **[CVE-2014-0076](<https://vulners.com/cve/CVE-2014-0076>) \n**Description:** OpenSSL could allow a local attacker to obtain sensitive information, caused by an implementation error in ECDSA (Elliptic Curve Digital Signature Algorithm). An attacker could exploit this vulnerability using the FLUSH+RELOAD cache side-channel attack to recover ECDSA nonces. \n**CVSS Base Score:** 2.1 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91990>[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector:** (AV:L/AC:L/Au:N/C:P/I:N/A:N) \n**Workarounds and Mitigations: **None. \n\n## Affected Products and Versions\n\nIBM WebSphere Transformation Extender Secure Adapter Collection 8.4.1.1\n\n## Remediation/Fixes\n\nDownload and install IBM WebSphere Transformation Extender Secure Adapter Collection 8.4.1.2 from <http://www.ibm.com/software/howtobuy/passportadvantage>\n\n## ", "cvss3": {}, "published": "2018-06-16T19:37:17", "type": "ibm", "title": "Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection 8.4.1.1 CPU utilization and insecure Elliptic Curve Digital Signature Algorithm (CVE-2014-0963, CVE-2014-0076)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0963"], "modified": "2018-06-16T19:37:17", "id": "E121C7A373A623FA01F8270E29E312ADE46003066CF805E43468AC6EA9092162", "href": "https://www.ibm.com/support/pages/node/510497", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:58:33", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM Business Monitor. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. \n\n## Vulnerability Details\n\nFor vulnerability details, see the [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) document.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM Business Monitor V7.5.x, V8.0, V8.0.1.x| IBM DB2 Express Edition 9.7[](<http://g01zciwas018.ahe.pok.ibm.com/support/dcf/preview.wss?host=g01zcidbs003.ahe.pok.ibm.com&db=support/swg/dmgtech.nsf&unid=6E1509E21E6895E285257CC900535096&taxOC=SSEPGG&MD=2014/05/2013:05:01&sid=>) \n \n## ", "cvss3": {}, "published": "2018-06-15T07:00:26", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with IBM Business Monitor (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": 
"2018-06-15T07:00:26", "id": "B98B7AD5400A981799D8497048615996312AE5B7D6BF21ECAC1838361CFCA86D", "href": "https://www.ibm.com/support/pages/node/511581", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:54:09", "description": "## Summary\n\nIBM DB2 for Linux, Unix and Windows is affected by multiple problems related to the SSL implementation, which, under very specific conditions, can cause DB2 server to become unresponsive, hang or crash. \n \nBy default, DB2 does not use TLS/SSL for client-server communication and therefore, potential exposure only exists if you are using TLS/SSL.\n\n## Vulnerability Details\n\n \n**CVE ID:** [_CVE-2013-6747_](<https://vulners.com/cve/CVE-2013-6747>) \n \n**DESCRIPTION:** \nIBM DB2 is affected by a problem with the handling of certain SSL messages. A TLS/SSL connection using a malformed certificate chain could cause the server process to hang or crash. \n \n**CVSS:** \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/89863_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89863>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV/N:AC/M:Au/N:C/N:I/N:A/C) \n \n \n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM DB2 is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the DB2 server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. 
This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization of the DB2 server instances. \n \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)\n\n## Affected Products and Versions\n\nThe following IBM DB2 and DB2 Connect V9.1, V9.5, V9.7, V10.1 and V10.5 editions running on AIX, Linux, HP, Solaris and Windows are vulnerable. \n \nIBM DB2 Express Edition \nIBM DB2 Workgroup Server Edition \nIBM DB2 Enterprise Server Edition \nIBM DB2 Connect\u2122 Application Server Edition \nIBM DB2 Connect Application Server Advanced Edition \nIBM DB2 Connect Enterprise Edition \nIBM DB2 Connect Unlimited Edition for System i\u00ae \nIBM DB2 Connect Unlimited Edition for System z\u00ae \nIBM DB2 Connect Unlimited Advanced Edition for System z \nIBM DB2 10.1 pureScale Feature \nIBM DB2 10.5 Advanced Enterprise Server Edition \nIBM DB2 10.5 Advanced Workgroup Server Edition \nIBM DB2 10.5 Developer Edition for Linux, Unix and Windows \n \nThe IBM data server client and driver types are as follows: \n \nIBM Data Server Driver Package \nIBM Data Server Driver for JDBC and SQLJ \nIBM Data Server Driver for ODBC and CLI \nIBM Data Server Runtime Client \nIBM Data Server Client \n \nThe following IBM V9.8 editions running on AIX and Linux: \n \nIBM\u00ae DB2\u00ae pureScale\u2122 Feature for Enterprise Server Edition\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the appropriate fix for this vulnerability. \n \n \n**FIX:** \nThe fix for this vulnerability is available for download for DB2 and DB2 Connect release V10.1 FP4 from Fix Central. 
Releases V9.7 FP9, V10.1 FP3, and V10.5 FP3 will be updated with the fix and will be available from Fix Central as V9.7 FP9a, V10.1 FP3a, and V10.5 FP3a, respectively. \n \nA special build with an interim patch for this issue may be requested for DB2 and DB2 Connect V9.5 FP9 & FP10, V9.7 FP8, V9.8 FP5 and V10.5 FP2. Please contact your service representative to request the special build and reference the APAR number for the release you want. Customers on fix pack levels lower than those listed above should update to a fixed fix pack level. \n \nDB2 and DB2 Connect V9.1 are no longer supported and therefore no patch will be made available. Please upgrade to a supported version of DB2 or DB2 Connect, as applicable, and apply the fix. Customers who have an extended support contract for this version may contact support to request a fix under the terms of their contract. \n \nJava applications using JCC Type 2 driver will experience problems with V10.1 FP3a. It is recommended that customers upgrade to V10.1 FP4 or contact their service representative to request a special build. \n\n\n \n**Release**| **APAR**| **Download URL** \n---|---|--- \nV9.5 | [_IC98853_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC98853>)| Please contact technical support. \nV9.7 FP9a| [_IC99474_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC99474>)| <http://www.ibm.com/support/docview.wss?uid=swg24037559> \nV9.8| [_IC99476_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC99476>)| Please contact technical support. 
\nV10.1 FP3a| [_IC99475_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC99475>)| <http://www.ibm.com/support/docview.wss?uid=swg24037557> \nV10.1 FP4| [_IC99475_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC99475>)| <http://www.ibm.com/support/docview.wss?uid=swg24037466> \nV10.5 FP3a| [_IC99477_](<http://www-01.ibm.com/support/docview.wss?uid=swg1IC99477>)| <http://www.ibm.com/support/docview.wss?uid=swg24037555> \n \n \n \nThe following does not apply if your DB2 application is using the JDBC Type 4 driver. If you have IBM Data Server Client installed on a system, other than the database server, that uses TLS/SSL it is also vulnerable. To fix this for all DB2 releases, download and install the latest version of \"IBM DB2 Support Files for SSL Functionality V10.1\" from Passport Advantage\u00ae following the instructions available here: <http://pic.dhe.ibm.com/infocenter/db2luw/v10r5/topic/com.ibm.swg.tivoli.gskit.install.doc/doc/c0055353.html>. \n \n \n**Contact Technical Support:** \nIn the United States and Canada dial **1-800-IBM-SERV** \nView the support [_contacts for other countries_](<http://www.ibm.com/planetwide/>) outside of the United States. \nElectronically [_open a Service Request_](<http://www.ibm.com/software/data/db2/support/db2_9/probsub.html>) with DB2 Technical Support. \n \n**_Note:_**_ IBM\u2019s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM\u2019s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. 
The development, release, and timing of any future features or functionality described for our products remains at our sole discretion._\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-16T13:05:53", "type": "ibm", "title": "Security Bulletin: IBM\u00ae DB2\u00ae is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-16T13:05:53", "id": "2797DA998B4EF17B666824090DF1A3296B075CEFB4C768385450FEC1161CC3B2", "href": "https://www.ibm.com/support/pages/node/508549", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:48:07", "description": "## Summary\n\nIBM DB2 is shipped as a component of IBM Content Manager Enterprise Edition. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin [_IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities_](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) for vulnerability details.\n\n## Affected Products and Versions\n\nAffected Product and Version(s)\n\n| Product and Version shipped as a component \n---|--- \nIBM Content Manager Enterprise Edition V8.4.3| IBM DB2 Enterprise Server Edition V9.7 \nIBM Content Manager Enterprise Edition V8.5| IBM DB2 Enterprise Server Edition V10.1 \n \n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T12:07:46", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with IBM Content Manager Enterprise Edition (CVE-2013-6747, CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-17T12:07:46", "id": "B5733CC6336B52846FB109EB3E23A6E4F77BACA339D91F0F2DC5DFBACBE66980", "href": "https://www.ibm.com/support/pages/node/511359", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:52:23", "description": "## Summary\n\nThe IBM Security SiteProtector System product can be impacted by a vulnerability in IBM Global Security Kit (GSKit) as well as a vulnerability in Apache Struts V1.x\n\n## Vulnerability Details\n\n**CVE ID:** \n[_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION:** \nA GSKit vulnerability in TLS record processing, affecting TLS 1.0 and later, can result in high CPU utilization that requires a system reboot to resolve. \n \nThe attack does not require local network access nor does it require authentication, but some degree of specialized knowledge and techniques are required. 
An exploit would not affect the integrity of data or confidentiality of information, but it could impact the availability of the system. \n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844%20>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n**AFFECTED PRODUCTS AND VERSIONS:** \n \nIBM Security SiteProtector System: 3.0 and 3.1 \n \n**REMEDIATION:** \n \nApply the appropriate eXPress Updates (XPUs) as identified in the SiteProtector Console Agent view: \n \n**For IBM Security SiteProtector 3.0:** \n \nEvent Collector Component: RSEvntCol_WINNT_ST_3_0_0_3.xpu \nAgent Manager Component: AgentManager_WINNT_XXX_ST_3_0_0_20.xpu \nSiteProtector Core Component: ServicePack3_0_0_4.xpu \n \n**For IBM Security SiteProtector 3.1:** \n \nEvent Collector Component: RSEvntCol_WINNT_ST_3_1_0_1.xpu \nAgent Manager Component: AgentManager_WINNT_XXX_ST_3_1_0_3.xpu \nSiteProtector Core Component: ServicePack3_1_0_1.xpu \nEvent Archiver Component: EventArchiver_3_1_0_1.pkg \nUpdate Server Component: UpdateServer_3_1_0_1.pkg \nManual Upgrader Component: MU_3_1_0_1.xpu \n \n \n**Workaround & Mitigation:** \n \nNone \n \n \n**CVE ID:** \n[_CVE-2014-0114_](<https://vulners.com/cve/CVE-2014-0114>)_ _ \n \n**DESCRIPTION:** \nApache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \n \nThe attack does not require local network access, authentication, or specialized knowledge and techniques. An exploit could impact the confidentiality of information, integrity of data and the availability of the system. 
\n \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n**AFFECTED PRODUCTS AND VERSIONS:** \n \nIBM Security SiteProtector System: 2.9, 3.0 and 3.1 \n \n**REMEDIATION:** \n \n**For IBM Security SiteProtector 2.9:** \n \nApply patch [_2.9.0.3-ISS-SiteProtector-IF0014.zip_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Proventia+Management+SiteProtector+System&release=All&platform=All&function=all>) that is available on Fix Central. \n \nFor the other releases, apply the appropriate eXPress Updates (XPUs) as identified in the SiteProtector Console Agent view: \n \n**For IBM Security SiteProtector 3.0:** \n \nSiteProtector Core Component: ServicePack3_0_0_4.xpu \n \n**For IBM Security SiteProtector 3.1:** \n \nSiteProtector Core Component: ServicePack3_1_0_1.xpu \n \n \n**Workaround & Mitigation:** \n \nNone\n\n## ", "cvss3": {}, "published": "2018-06-16T21:18:04", "type": "ibm", "title": "Security Bulletin: IBM Security SiteProtector System can be affected by a vulnerability in IBM Global Security Kit (CVE-2014-0963) and in Apache Struts V1.x (CVE-2014-0114)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0114", "CVE-2014-0963"], "modified": "2018-06-16T21:18:04", "id": 
"91C2C4E11969518B70A8C8F53536E1FA71DEC6EC24848AC3C98F5843AFBFD45E", "href": "https://www.ibm.com/support/pages/node/512853", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T05:45:40", "description": "## Summary\n\nIBM Tivoli Monitoring is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase.\n\n## Vulnerability Details\n\n**CVE ID:** [_CVE-2014-0963_](<https://vulners.com/cve/CVE-2014-0963>) \n \n**DESCRIPTION: ** \nIBM Tivoli Monitoring is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM Tivoli Monitoring and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM Tivoli Monitoring components. 
\n \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>_ for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C) \n \n \n**CVE ID:** [CVE-2014-0076](<https://vulners.com/cve/CVE-2014-0076>) \n**DESCRIPTION:** An attacker running a program on the same machine where the victim is running a program could use CPU timing information to discover key information about certain kinds of binary type Elliptic Curves used in Digital signatures during signing operations. Although GSKit only generates Prime type Elliptic Curves, externally generated keys may be imported in GSKit. \n \nCVSS Base Score: 2.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91990> \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\n_CVE-2014-0963_ affects all IBM Tivoli Monitoring components, including agents for the following versions: \n\n * IBM Tivoli Monitoring version 6.22 through 6.22 FP9\n * IBM Tivoli Monitoring version 6.23 through 6.23 FP5\n * IBM Tivoli Monitoring version 6.30 through 6.30 FP2 \n\n_CVE-2014-0076_ affects all IBM Tivoli Monitoring components, including agents for the following version: \n\n * IBM Tivoli Monitoring version 6.30 through 6.30 FP2 \n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions to uplift the IBM Global Security Kit (GSKit) to the remediated version. Follow the installation instructions in the README files included with each patch. 
\n \n \nThe following link contains information about downloading the patches: \n[**__http://www.ibm.com/support/docview.wss?uid=swg24037451.__**](<http://www-01.ibm.com/support/docview.wss?uid=swg24037451>)\n\n## ", "cvss3": {}, "published": "2018-06-17T15:23:58", "type": "ibm", "title": "Security Bulletin:\tIBM Tivoli Monitoring CPU utilization (CVE-2014-0963)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0963"], "modified": "2018-06-17T15:23:58", "id": "1956448F2DBC51C3B3467B5549FC9341668B404BAB7181B5F9FFBD1629534E0E", "href": "https://www.ibm.com/support/pages/node/510637", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:52:58", "description": "## Summary\n\nIBM DB2 and IBM SPSS Modeler are shipped as components of IBM Predictive Maintenance and Quality. Information about security vulnerabilities affecting IBM DB2 and IBM SPSS Modeler has been published in security bulletins. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin [IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21671732>) and [IBM SPSS Modeler CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21673666>) for vulnerability details.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM Predictive Maintenance and Quality 1.0| IBM DB2 Enterprise Server Edition 9.7.0.7 \nDB2 Connect Personal Edition 9.7.0.7 \nIBM Predictive Maintenance and Quality 2.0| IBM DB2 Enterprise Server Edition 10.1 FP3 \nIBM Data Server Runtime Client 10.1 \nIBM Predictive Maintenance and Quality 2.0| IBM SPSS Modeler Server Premium 16.0 \n \n## ", "cvss3": {}, "published": "2018-06-15T22:33:19", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 and IBM SPSS Modeler shipped with IBM Predictive Maintenance and Quality (CVE-2014-0963, CVE-2013-0647)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0647", "CVE-2013-6747", "CVE-2014-0963"], "modified": "2018-06-15T22:33:19", "id": "8FE07048567B925AF97BAE2865B8D3D33C2E7F2D25EB7F6EFEA443B90CF8390A", "href": "https://www.ibm.com/support/pages/node/251883", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-22T01:47:12", "description": "## Summary\n\nA security vulnerability has been 
identified in IBM Tivoli Monitoring, Tivoli Provisioning Manager for OS Deployment and IBM Tivoli Monitoring for Energy Management shipped with IBM System Director Editions. (CVE-2014-0963, CVE-2014-0076)\n\n## Vulnerability Details\n\n## Abstract\n\nIBM Tivoli Monitoring, Tivoli Provisioning Manager for OS Deployment and IBM Tivoli Monitoring for Energy Management are shipped as components of IBM System Director Editions. Information about the security vulnerability affecting these components has been published in the security bulletin.\n\n## Content\n\n**Vulnerability Details:**\n\n**CVE ID**: [CVE-2014-0963](<https://vulners.com/cve/CVE-2014-0963>), [CVE-2014-0076](<https://vulners.com/cve/CVE-2014-0076>)[ \n](<https://vulners.com/cve/CVE-2014-0082>) \n**Description:** \n \nPlease consult the security bulletins listed below for the vulnerability details of the affected products.\n\n## Affected products and versions\n\n**Affected Product(s) and Version(s)** | **Product and Version shipped as a component** | **Security Bulletin** \n---|---|--- \nIBM System Director Editions 6.2.0.0 | IBM Tivoli Monitoring 6.2.2.02 base FP2 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Monitoring for Energy Management 6.2.1 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM System Director Editions 6.2.1.0 | IBM Tivoli Monitoring 6.2.2 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Monitoring for Energy Management 6.2.1 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Provisioning Manager for OS Deployment 7.1.1 | [ http://www-01.ibm.com/support/docview.wss?rs=1015&uid=swg21672397](<http://www-01.ibm.com/support/docview.wss?rs=1015&uid=swg21672397>) \nIBM System Director Editions 6.3.0.0 | IBM Tivoli Monitoring 6.2.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Monitoring for Energy Management 6.3.2 | 
<http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Provisioning Manager for OS Deployment 7.1.1 FP4 | [ http://www-01.ibm.com/support/docview.wss?rs=1015&uid=swg21672397](<http://www-01.ibm.com/support/docview.wss?rs=1015&uid=swg21672397>) \nIBM System Director Editions 6.3.2.0 | IBM Tivoli Monitoring 6.2.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \nIBM Tivoli Provisioning Manager for OS Deployment 7.1.1 FP11 | <http://www-01.ibm.com/support/docview.wss?uid=swg21673715> \n \n**Related Information:**\n\n[IBM Secure Engineering Web Portal](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) [](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>)\n\n**Change History** \n02 June 2014: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-24T12:40:01", "type": "ibm", "title": "Security Bulletin: Security vulnerability has been identified in IBM Tivoli Monitoring, Tivoli Provisioning Manager for OS Deployment and IBM Tivoli Monitoring for Energy Management shipped with IBM System Director Editions (CVE-2014-0963, CVE-2014-0076)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0082", "CVE-2014-0963"], "modified": "2019-01-24T12:40:01", "id": "84AA667170733EF7CB75EEF1EFB7E5DF12DC3AADEE300B34C32DBFCCAEA0C5A6", "href": "https://www.ibm.com/support/pages/node/812632", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T05:48:04", "description": "## Summary\n\nIBM Content Collector for SAP Applications ships IBM SDK Java\u2122 Technology Edition, Version 6 and Version 7, which have security vulnerabilities that might be exposed within the use of Content Collector for SAP Applications. \n\n## Vulnerability Details\n\n \n**CVE ID:** [CVE-2014-3566](<https://vulners.com/cve/CVE-2014-0411>)[](<https://vulners.com/cve/CVE-2014-0963>)[](<https://vulners.com/cve/CVE-2014-0963>) \n**Description: ** \nProduct could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. 
A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via a POODLE (Padding Oracle On Downgraded Legacy \nEncryption) attack to decrypt SSL sessions and access the plaintext of encrypted connections. \n.** \nCVSS:** \nCVSS Base Score: 4.30 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/97013> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (**AV:N/AC:M/Au:N/C:P/I:N/A:N****)** \n \n\n\n**CVE ID:** [_CVE-2014-4244_](<https://vulners.com/cve/CVE-2014-4244>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle Java SE and JRockit related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/94605_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94605>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)\n\n \n**CVE ID:** [_CVE-2014-4263_](<https://vulners.com/cve/CVE-2014-4263>)** \nDESCRIPTION:** An unspecified vulnerability in Oracle Java SE and JRockit related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact. 
\nCVSS Base Score: 4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/94606_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94606>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N) \n \n \n**CVE ID:** [](<https://vulners.com/cve/CVE-2014-0963>)[](<https://vulners.com/cve/CVE-2014-0963>)[CVE-2014-6457](<https://vulners.com/cve/CVE-2014-0453>) [](<https://vulners.com/cve/CVE-2014-0963>)** \nDescription:** \nAn unspecified vulnerability in Oracle Java SE and JRockit related to the JSSE component has partial confidentiality impact, partial integrity impact, and no availability impact. \n**CVSS:** \nCVSS Base Score: 4.00 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/97148>[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92490>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N) \n \n \n**CVE ID:** [](<https://vulners.com/cve/CVE-2014-0963>)[](<https://vulners.com/cve/CVE-2014-0963>)[CVE-2014-6468](<https://vulners.com/cve/CVE-2014-0453>) [](<https://vulners.com/cve/CVE-2014-0963>)** \nDescription:** \nAn unspecified vulnerability related to the Hotspot component has complete confidentiality impact, complete integrity impact, and complete availability impact. \nThis vulnerability only applies to the Solaris platform. \n**CVSS:** \nCVSS Base Score: 6.90 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/97138> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C) \n \n\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. 
\n\n## Affected Products and Versions\n\nIBM Content Collector for SAP Applications V4.0\n\nIBM Content Collector for SAP Applications V3.0\n\nIBM Content Collector for SAP Applications V2.2\n\n## Remediation/Fixes\n\nIBM provides patches for the affected versions. Follow the installation instructions in the README files that are included in the patch. \n\n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nIBM Content Collector for SAP Applications| 4.0.0.0| HE12214| Apply Interim Fix 1, which is available from Fix Central \nIBM Content Collector for SAP Applications| 3.0.0 \nFix Pack 1| HE12213| Apply Interim Fix 4, which is available from Fix Central \nIBM Content Collector for SAP Applications| 2.2.0 \nFix Pack 2| HE12207| Apply Interim Fix 2, which is available from Fix Central** (This version has reached end of support)** \n \nSee <http://www.ibm.com/support/docview.wss?uid=swg24038935> (for V4.0) and <http://www.ibm.com/support/docview.wss?uid=swg24038934> (for V3.0) respectively, for the download details. \nThe IBM Content Collector for SAP Applications Version 2.2.0 has reached end of support. 
\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2018-06-17T12:09:29", "type": "ibm", "title": "Security Bulletin: IBM Content Collector for SAP Applications affected by vulnerabilities in IBM SDK Java\u2122 Technology Edition, Version 6 and Version 7 (CVE-2014-3566, CVE-2014-4244, CVE-2014-4263, CVE-2014-6457, CVE-2014-6468)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0411", "CVE-2014-0453", "CVE-2014-0963", "CVE-2014-3566", "CVE-2014-4244", "CVE-2014-4263", "CVE-2014-6457", "CVE-2014-6468"], "modified": "2018-06-17T12:09:29", "id": "21DCD60F05F101131A882E7474AD57C6F427B431166473D46B1F1AFD8AEDC9CB", "href": "https://www.ibm.com/support/pages/node/520229", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:36:20", "description": "## Summary\n\nCross reference list for security vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.3, IBM WebSphere Application Server Hypervisor 8.5.5.3 and IBM HTTP Server 8.5.5.3. 
\n\n## Vulnerability Details\n\n**CVE ID: **[**_CVE-2014-3022_**](<https://vulners.com/cve/CVE-2014-3022>) **(APAR PI09594) \n \nDESCRIPTION: **WebSphere Application Server allows for an information disclosure when an error page is displayed using a specially crafted URL. ** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/93060_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93060>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n\n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nRemediation/Fixes: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI09594, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.[](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None known**_ \nMitigation(s):_** None known \n \n** \nCVE ID: **[**_CVE-2014-0965_**](<https://vulners.com/cve/CVE-2014-0965>) **(APAR PI11434)** ** \n \nDESCRIPTION: **WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of SOAP responses. 
** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92878_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92878>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nRemediation/Fixes: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI11434, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later. [](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None known **_ \nMitigation(s):_** None known \n** \n**** \nCVE ID: **[**_CVE-2014-0098_**](<https://vulners.com/cve/CVE-2014-0098>) **(APAR PI13028) \n \nDESCRIPTION: **IBM HTTP Server may be vulnerable to a denial of service, caused by certain cookies being logged in the access log. A remote attacker could exploit this vulnerability to cause the server process to hang or crash. This only affects users that have modified their configuration to add cookie logging. 
\n\n**CVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91879_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91879>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)_\n\n**Affected Versions/Remediation/Fixes/Workaround/Mitigation** \nPlease refer to [_WebSphere Application Server Security bulletin for CVE-2014-0098_](<https://www-304.ibm.com/support/docview.wss?uid=swg21667526>) for remediation information. \n\n\n**CVE ID: **[**_CVE-2014-3070_**](<https://vulners.com/cve/CVE-2014-3070>) **(APAR PI16765) \n \nDESCRIPTION: **WebSphere Application Server could allow a remote attacker to bypass security restrictions caused by improper account creation with the Virtual Member Manager SPI Admin Task addFileRegistryAccount. \n\n**CVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/93777_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93777>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:P/A:N)_\n\n**Affected Versions/Remediation/Fixes/Workaround/Mitigation** \nPlease refer to [_WebSphere Application Server Security bulletin for CVE-2014-3070_](<https://www-304.ibm.com/support/docview.wss?uid=swg21676222>) for remediation information. \n \n** \nCVE ID: **[**_CVE-2014-0963_**](<https://vulners.com/cve/CVE-2014-0963>)** (APAR PI17025) \n \nDESCRIPTION: **IBM HTTP Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. 
This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM HTTP Server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. \n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM HTTP Server instances, or monitor the mod_mpmstats output written to the ErrorLog. \n\n**CVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_\n\n**Affected Versions/Remediation/Fixes/Workaround/Mitigation** \nPlease refer to [_WebSphere Application Server Security bulletin for CVE-2014-0963_](<https://www-304.ibm.com/support/docview.wss?uid=swg21672843>) for remediation information. \n\n\n \n \n**CVE ID: **[**_CVE-2014-3083_**](<https://vulners.com/cve/CVE-2014-3083>) **(APAR PI17768)** ** \n \nDESCRIPTION: **WebSphere Application Server could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to resources located within the web application. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information. 
** \n \nCVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/93954_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93954>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8.5 Liberty Profile if you have installed the Portlet Container feature from the WASdev Liberty Repository. \n* Version 8 \n* Version 7\n \n** \nRemediation/Fixes: **Remediation is needed for WebSphere Application Server as well as there may be a need for your own portlets to be updated to avoid this issue. The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply an [Interim Fix](<http://www-01.ibm.com/support/docview.wss?uid=swg24038178>), [_Fix Pack or PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI17768, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2 (Full Profile):**\n* Apply Fix Pack 3 (8.5.5.3), or later. [](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n\\-- Or -- \n* Apply Interim Fix [PI17768 ](<http://www-01.ibm.com/support/docview.wss?uid=swg24038178>)** \n**\n \n**For V8.5.0.0. 
through 8.5.5.2 (Liberty Profile):** \n**If you have installed the Portlet Container Feature from WASdev Liberty Repository:**\n* Remove the Portlet Container feature from your Liberty Profile server by deleting the following files and directories:\n \n`usr\\extension\\dev\\api\\spec\\com.ibm.websphere.appserver.api.portlet_2.0.0.jar` \n`usr\\extension\\dev\\api\\spec\\com.ibm.ws.javaee.ccpp_1.0.0.jar` \n`usr\\extension\\dev\\api\\spec\\com.ibm.ws.javaee.portlet_2.0.0.jar` \n`usr\\extension\\lib\\com.ibm.ws.portletcontainer_2.0.0.jar` \n`usr\\extension\\lib\\features\\com.ibm.websphere.appserver.portlet-2.0.mf` \n`usr\\extension\\lib\\features\\l10n\\com.ibm.websphere.appserver.portlet-2.0.properties` \n`usr\\extension\\lafiles\\com.ibm.websphere.appserver.portlet-2.0 directory and all subdirectories` \n \nThen install the most current version of the Portlet Container from the WASdev Liberty Repository. \n \n**For V8.0.0.0 through 8.0.0.9:**\n* Apply Fix Pack 10 (8.0.0.10), or later.\n \n\\-- Or -- \n* Apply Interim Fix [PI17768](<http://www-01.ibm.com/support/docview.wss?uid=swg24038178>)** \n**\n \n \n**For V7.0.0.0 through 7.0.0.33:**\n* Apply Fix Pack 35 (7.0.0.35), or later. \n \n\\-- Or -- \n* Apply Interim Fix [PI17768](<http://www-01.ibm.com/support/docview.wss?uid=swg24038178>)\n \n \n**Remediation for portlets: ** \n \nAll JSR 286 compliant portlets that derive from class javax.portlet.GenericPortlet must override method serveResource. \nAn overriding serveResource implementation must not call super.serveResource. \nIf the portlet does not use resource serving, an empty implementation of serveResource should be used. 
\n \n \nExample: This empty implementation is correct for a portlet that does not use resource serving: \n \n`@Override` \n`public void serveResource(ResourceRequest request, ResourceResponse response) throws PortletException, IOException {` \n`    // Empty implementation on purpose` \n`    if (logger.isLoggable(Level.WARNING)) {` \n`        // Unexpected call to serveResource, therefore log a warning.` \n`        logger.log(Level.WARNING, \"Unexpected call to serveResource.\");` \n`    }` \n`}` \n \nExample of a WRONG fix: \n \n`@Override` \n`public void serveResource(ResourceRequest request, ResourceResponse response) throws PortletException, IOException {` \n`    // FIXME This is wrong: Calling super.serveResource does not fix the security issue!` \n`    super.serveResource(request, response);` \n`}` \n**_ \nWorkaround(s):_** None known **_ \nMitigation(s):_** None known \n\n\n**CVE ID: **[**_CVE-2014-0076_**](<https://vulners.com/cve/CVE-2014-0076>) **(APAR PI19700) \n \nDESCRIPTION: **The GSKit component in IBM HTTP Server could allow a local attacker to obtain sensitive information, caused by an implementation error in ECDSA (Elliptic curve Digital Signature Algorithm). 
** \n \nCVSS:** _ \nCVSS Base Score: 2.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91990_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91990>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:L/AC:L/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n\n* Version 8.5 \n* Version 8 \n \n** \nRemediation/Fixes: **No action is required unless all of these conditions are met: \n* SSL is enabled \n* IBM HTTP Server is Version 8 or later \n* SSLCipherSpec has enabled ECDHE_ECDSA* ciphers \n* Configured certificate uses an ECC key rather than RSA \n* Configured certificate was created by a tool other than ikeyman or gskcapicmd\n \n**_ \nFix:_** \nIf all of the above conditions are met, then apply the appropriate [_Fix Pack, PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>), or Interim Fix containing APAR PI19700, as noted below. If the SSLFIPSEnable directive is specified, the vulnerability remains after applying the fix. As a remediation, disable SSLFIPSEnable, or change any of the above conditions. 
** \n \nFor affected IBM HTTP Server: \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.\n \n\\-- Or -- [](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n* Apply Interim Fix [_PI19700_](<https://www-304.ibm.com/support/docview.wss?uid=swg24037906>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n\\-- Or -- \n* Apply Interim Fix [_PI19700_](<https://www-304.ibm.com/support/docview.wss?uid=swg24037906>)\n \n**_ \nWorkaround(s):_** None known**_ \nMitigation(s):_** None known \n** \n** \n**CVE ID: **[**_CVE-2014-4764_**](<https://vulners.com/cve/CVE-2014-4764>) **(APAR PI21189)** ** \n \nDESCRIPTION: **WebSphere Application Server on Windows using Load Balancer for IPv4 Dispatcher component may be vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause the Load Balancer to crash. ** \n \nCVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/94723_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94723>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n \n** \nRemediation/Fixes: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI21189, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.\n \n \n** \nFor V8.0.0.0 through 8.0.0.9:**\n* Apply Fix Pack 10 (8.0.0.10), or later**_._**\n \n**_ \nWorkaround(s):_** None known**_ \nMitigation(s):_** None known \n \n \n**CVE ID: 
**[**_CVE-2014-4767_**](<https://vulners.com/cve/CVE-2014-4767>) **(APAR PI21284)** ** ** \n** \nDESCRIPTION: **WebSphere Application Server Liberty Profile could provide weaker than expected security when installing features via the Liberty Repository. A remote attacker could exploit this vulnerability to cause the installation of malicious code.** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/94832_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/94832>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 Liberty Profile \n \n** \nRemediation/Fixes: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply an Interim Fix, [_Fix Pack or PTF_](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI21284, as noted below: ** \n \nFor IBM WebSphere Application Server \n** \n**For V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.\n \n\\-- Or -- [](<https://www-304.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n* Apply Interim Fix PI21284[](<https://www-304.ibm.com/support/docview.wss?uid=swg24037906>)\n* \n**_Workaround(s):_** None known**_ \nMitigation(s):_** None known \n \n \n**IBM SDK: **Please refer to this security bulletin for SDK fixes that were shipped with WebSphere Application Server Version 8.5.5.3 _ \n_[_http://www-01.ibm.com/support/docview.wss?uid=swg21680418_](<https://www-304.ibm.com/support/docview.wss?uid=swg21680418>)\n\n## ", "cvss3": {}, "published": "2022-09-08T00:26:26", "type": "ibm", "title": "Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", 
"exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022", "CVE-2014-3070", "CVE-2014-3083", "CVE-2014-4764", "CVE-2014-4767"], "modified": "2022-09-08T00:26:26", "id": "65EDC6979FFB4C4B7EB0617BEE2354DA585EB2C409187E00A923B5C999E22271", "href": "https://www.ibm.com/support/pages/node/247195", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-21T01:44:49", "description": "## Summary\n\nIBM SmartCloud Cost Management is shipped as a component of IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise. Information about security vulnerabilities affecting IBM SmartCloud Cost Management has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletins for IBM SmartCloud Cost Management for vulnerability details and information about fixes. 
\n\n\n * [Security Bulletin: HTTP response splitting has been identified in IBM WebSphere Application Server Liberty Profile shipped with SmartCloud Cost Management and Tivoli Usage Accounting Manager (CVE-2015-2017)](<http://www-01.ibm.com/support/docview.wss?uid=swg2C1000121>)\n * [Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with SmartCloud Cost Management and Tivoli Usage Accounting Manager (CVE-2015-7450)](<http://www-01.ibm.com/support/docview.wss?uid=swg2C1000003>) \n\n * * [Security Bulletin: A security vulnerability has been found in IBM WebSphere Application Server 8.5.5.6 shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-1927)](<http://www.ibm.com/support/docview.wss?uid=swg21964651>) \n \n\n * [Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management. (CVE-2015-1932)](<http://www.ibm.com/support/docview.wss?uid=swg21965064>) \n \n\n * [Security Bulletin: A security vulnerability has been found in IBM WebSphere Application Server 8.5.5.6 shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-1885)](<http://www.ibm.com/support/docview.wss?uid=swg21964504>)** \n \n**\n * [Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21964499>) \n \n\n * [Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management. 
(CVE-2015-4938)](<http://www.ibm.com/support/docview.wss?uid=swg21964864>) \n \n\n * [Security Bulletin: Security vulnerabilities have been identified in IBM\u00ae DB2\u00ae shipped with SmartCloud Cost Management (SCCM/TUAM) (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21675921>) \n \n\n * [Security Bulletin: Tivoli Usage and Accounting Manager / SmartCloud Cost Management (CVE-2015-1920) ](<http://www.ibm.com/support/docview.wss?uid=swg21957821>) \n \n\n * [Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli usage and Accounting Manager / SmartCloud Cost Management (CVE-2015-2808, CVE-2015-0138 )](<http://www.ibm.com/support/docview.wss?uid=swg21883107>)\n\n## Affected Products and Versions\n\n** Principal Product and Version**\n\n| ** Affected Supporting Product and Version** \n---|--- \nIBM Cloud Orchestrator Enterprise 2.5, 2.5.0.1| IBM SmartCloud Cost Management 2.1.0.5 \nIBM Cloud Orchestrator Enterprise 2.4 and 2.4.0.1, 2.4.0.2, 2.4.0.3| IBM SmartCloud Cost Management 2.1.0.4 \nIBM SmartCloud Orchestrator Enterprise 2.3 and 2.3.0.1| IBM SmartCloud Cost Management 2.1.0.3 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T22:30:51", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities in IBM SmartCloud Cost Management shipped with IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": 
false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6747", "CVE-2014-0963", "CVE-2015-0138", "CVE-2015-1885", "CVE-2015-1920", "CVE-2015-1927", "CVE-2015-1932", "CVE-2015-2017", "CVE-2015-2808", "CVE-2015-4000", "CVE-2015-4938", "CVE-2015-7450"], "modified": "2018-06-17T22:30:51", "id": "705280D237DEDB26D3D68396BC2097819ADC8127D93D08AF8CFC027E9A703179", "href": "https://www.ibm.com/support/pages/node/262093", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:36:00", "description": "## Summary\n\nCross reference list for security vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.33 and IBM WebSphere Application Server Hypervisor Edition 7.0.0.33\n\n## Vulnerability Details\n\n**CVE ID: **[**_CVE-2013-6323_**](<https://vulners.com/cve/CVE-2013-6323>) **(PI04777 and PI04880)** ** \n \nDESCRIPTION: **The Administration Console of IBM WebSphere Application Server and IBM WebSphere Application Server Virtual Edition may be vulnerable to cross-site scripting, caused by improper validation of user supplied input. 
A remote attacker could exploit this vulnerability to create a specially-crafted URL to execute script in a victim\u2019s Web browser within the security context of the hosting Web site, once the URL is clicked.** \n \nCVSS:** _ \nCVSS Base Score: 3.5 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/88903_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88903>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n\n* Version 8.5 \n* Version 8 \n* Version 7 \n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) for WebSphere Application Server as noted below: ** \n** \n**For IBM WebSphere Application Server (PI04777)** \n**For V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. \n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later. \n \n** \nFor V7.0.0.0 through 7.0.0.29:**\n* Apply Fix Pack 33 (7.0.0.33), or later.\n \n** \nFor IBM WebSphere Virtual Enterprise (PI04880)** ** \nFor V7.0.0.0 through 7.0.0.4:**\n* Apply Fix Pack 5 (7.0.0.5), or later.\n \n \n**_Workaround(s):_** None **_ \nMitigation(s):_** none \n**_Acknowledgement:_** Thanks to Michael Hoffman for reporting this vulnerability to IBM. \n\n\n**CVE ID: **[**_CVE-2013-6329_**](<https://vulners.com/cve/CVE-2013-6329>) **(PI05309)**\n\n**DESCRIPTION**: Potential denial of service in SSL handshake processing with IBM HTTP Server. 
\n\n**CVSS:** \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/88939_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88939>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C) \n\n**AFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\u00b7 Version 6.1 \n\n**REMEDIATION: ** Please refer to [WebSphere Application Server Security bulletin for CVE-2013-6349](<http://www-01.ibm.com/support/docview.wss?uid=swg21659548>) for remediation information and workaround information. ** **\n\n \n** \n \nCVE ID: **[**_CVE-2013-6738_**](<https://vulners.com/cve/CVE-2013-6738>) **(PI05661)** ** \n \nDESCRIPTION: **IBM WebSphere Application Server OAuth is vulnerable to cross-site scripting, caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability to create a specially-crafted URL to execute script in a victim\u2019s Web browser within the security context of the hosting Web site, once the URL is clicked. 
** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/89854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89854>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:P/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 Full Profile and Liberty Profile\n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI05661, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later.[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9(8.0.0.9), or later.\n \n \n**For V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33(7.0.0.33), or later.\n \n** \n****_Workaround(s):_** None. **_ \nMitigation(s):_** None. \n** \n**** \nCVE ID: **[**_CVE-2014-0859_**](<https://vulners.com/cve/CVE-2014-0859>) **(PI08892)** ** \n \nDESCRIPTION: **IBM WebSphere Application server using the web server plugin that is configured to retry failed POST requests may be vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause the Application Server to crash. 
\n** \nCVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/90879_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90879>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI08892, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n** \nCVE ID:** [**_CVE-2013-6438_**](<https://vulners.com/cve/CVE-2013-6438>) **(PI09345)** \n**DESCRIPTION**: IBM HTTP Server may be vulnerable to a buffer overflow in the optional mod_dav module when using mod_dav addons. A remote attacker could overflow a buffer and cause a denial of service. 
\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/90878_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90878>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n\n**AFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\n\n**REMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical \n\n**_Fix:_**Apply a Fix Pack, PTF or Interim Fix containing APAR PI09345, as noted below: \n\n**For affected IBM HTTP Server for WebSphere Application Server:**\n\n**For V8.5.0.0 through 8.5.5.1 Full Profile:**\n\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 8.5.5.2 or later. \n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 8.0.0.9 or later. \n* \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 7.0.0.33 or later.\n \n \n**_Workaround(s):_** Do not use optional mod_dav module. **_ \nMitigation(s):_** none ** \n \n** \n**CVE ID: **[**_CVE-2013-6747_**](<https://vulners.com/cve/CVE-2013-6747>)** (PI09443) \n \nDESCRIPTION: **IBM HTTP Server may be vulnerable to a denial of service, caused by an error in the GSKit component. By initiating an SSL/TLS connection using a malformed certificate chain, a remote attacker could exploit this vulnerability to cause the server process to hang or crash. 
\n\n**CVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/89863_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89863>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2013-6747](<http://www-01.ibm.com/support/docview.wss?uid=swg21663941>) for remediation information. ** ** \n \n \n**CVE ID: **[**_CVE-2014-3022_**](<https://vulners.com/cve/CVE-2014-3022>) **(PI09594) \n \nDESCRIPTION:** WebSphere Application Server allows for an information disclosure when an error page is displayed using a specially crafted URL. ** ** \n** \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/93060_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93060>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI09594, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. 
\n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0891_**](<https://vulners.com/cve/CVE-2014-0891>) **(PI09786)** ** \n \nDESCRIPTION: **The Proxy and ODR servers of the IBM WebSphere Application Server could allow a network attacker to obtain sensitive information caused by improper handling of requests. \n** \nCVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91286_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91286>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI09786, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0965_**](<https://vulners.com/cve/CVE-2014-0965>) **(PI11434)** ** \n \nDESCRIPTION: **WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of SOAP responses. 
\n** \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92878_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92878>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI11434, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0050_**](<https://vulners.com/cve/CVE-2014-0050>) **(PI12648, PI12926 and PI13162)** ** \n \nDESCRIPTION: **Apache Commons FileUpload used by IBM WebSphere Application Server may be vulnerable to a denial of service. \n** \nCVSS:** \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/90987_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90987>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n** \n****Affected Versions/Remediation/Workaround/Mitigation: **Please refer to [WebSphere Application Server Security bulletin for CVE-2014-0050](<http://www-01.ibm.com/support/docview.wss?uid=swg21667254>) for information. 
** \n** \n \n**CVE ID: **[**_CVE-2014-0098_**](<https://vulners.com/cve/CVE-2014-0098>)** (PI13028) \n \nDESCRIPTION: **IBM HTTP Server may be vulnerable to a denial of service, caused by certain cookies being logged in the access log. A remote attacker could exploit this vulnerability to cause the server process to hang or crash. This only affects users that have modified their configuration to add cookie logging. \n\n**CVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91879_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91879>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2014-0098](<http://www-01.ibm.com/support/docview.wss?uid=swg21667526>) for remediation information. ** **** \n** \n \n**CVE ID: **[**_CVE-2014-0963_**](<https://vulners.com/cve/CVE-2014-0963>)** (PI17025) \n \nDESCRIPTION: **IBM HTTP Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM HTTP Server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. 
\n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM HTTP Server instances, or monitor the mod_mpmstats output written to the ErrorLog. \n\n**CVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2014-0963](<http://www-01.ibm.com/support/docview.wss?uid=swg21672843>) for remediation information. ** \n** \n \n**CVE ID: **[**_CVE-2014-0114_**](<https://vulners.com/cve/CVE-2014-0114>) **(PI17190)** ** \n \nDESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class loader attributes. \n** \nCVSS:** \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n** \nAffected Versions/Remediation/Workaround/Mitigation: **Please refer to [WebSphere Application Server Security bulletin for CVE-2014-0114](<http://www-01.ibm.com/support/docview.wss?uid=swg21672316>) for information. 
** \n** \n**IBM SDK: **Please refer to this security bulletin for SDK fixes that were shipped with WebSphere Application Server Version 7.0.0.33 _ \n_[ http://www-01.ibm.com/support/docview.wss?uid=swg21673013](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>)\n\n## ", "cvss3": {}, "published": "2022-09-08T00:26:26", "type": "ibm", "title": "Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.33", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6323", "CVE-2013-6329", "CVE-2013-6349", "CVE-2013-6438", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0859", "CVE-2014-0891", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022"], "modified": "2022-09-08T00:26:26", "id": "1EC9D814A44355A00FF42F8C8587C9E7C452415354E28A889935185CB4613BD7", "href": "https://www.ibm.com/support/pages/node/513553", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:35:57", "description": "## Summary\n\nCross reference list for security vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9 and IBM WebSphere Application Server Hypervisor 8.0.0.9\n\n## Vulnerability Details\n\n**CVE ID: **[**_CVE-2013-6323_**](<https://vulners.com/cve/CVE-2013-6323>) **(PI04777 and PI04880)** ** \n \nDESCRIPTION: **The Administration Console of IBM WebSphere Application Server and IBM WebSphere Application Server Virtual Edition may be vulnerable to cross-site scripting, 
caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability to create a specially-crafted URL to execute script in a victim\u2019s Web browser within the security context of the hosting Web site, once the URL is clicked.** \n \nCVSS:** _ \nCVSS Base Score: 3.5 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/88903_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88903>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n\n* Version 8.5 \n* Version 8 \n* Version 7 \n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) for WebSphere Application Server as noted below: ** \n** \n**For IBM WebSphere Application Server (****PI04****777****)** \n**For V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. \n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later. \n \n** \nFor V7.0.0.0 through 7.0.0.29:**\n* Apply Fix Pack 33 (7.0.0.33), or later.\n \n** \nFor IBM WebSphere Virtual Enterprise (PI04880)** ** \nFor V7.0.0.0 through 7.0.0.4:**\n* Apply Fix Pack 5 (7.0.0.5), or later.\n \n \n**_Workaround(s):_** None **_ \nMitigation(s):_** none \n**_Acknowledgement:_** Thanks to Michael Hoffman for reporting this vulnerability to IBM. \n\n\n**CVE ID:** [**_CVE-2013-6329_**](<https://vulners.com/cve/CVE-2013-6329>)** ** **(PI05309)**\n\n**DESCRIPTION**: Potential denial of service in SSL handshake processing with IBM HTTP Server. 
\n\n**CVSS:** \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/88939_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88939>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C) \n\n**AFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\u00b7 Version 6.1 \n\n**REMEDIATION: ** Please refer to [WebSphere Application Server Security bulletin for CVE-2013-6349](<http://www-01.ibm.com/support/docview.wss?uid=swg21659548>) for remediation information and workaround information. ** **\n\n \n** \n** \n**CVE ID: **[**_CVE-2014-0823_**](<https://vulners.com/cve/CVE-2014-0823>) **(PI05324)** ** \n \nDESCRIPTION: **IBM WebSphere Application Server Full Profile and IBM WebSphere Application Server Liberty profile could allow a remote attacker to view files within an application by sending a specially-crafted URL.** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/90498_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90498>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 Full and Liberty\n* Version 8 \n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI05324, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1 Full Profile or Liberty Profile: **\n* Apply Fix Pack 2 (8.5.5.2), or later. 
[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \n****_Workaround(s):_** None **_ \nMitigation(s):_** None \n** \n \nCVE ID: **[**_CVE-2013-6738_**](<https://vulners.com/cve/CVE-2013-6738>) **(PI05661)** ** \n \nDESCRIPTION: **IBM WebSphere Application Server OAuth is vulnerable to cross-site scripting, caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability to create a specially-crafted URL to execute script in a victim\u2019s Web browser within the security context of the hosting Web site, once the URL is clicked. ** \n \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/89854_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89854>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:P/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 Full Profile and Liberty Profile\n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI05661, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later.[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9(8.0.0.9), or later.\n \n \n**For V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33(7.0.0.33), or later.\n \n** \n****_Workaround(s):_** None. **_ \nMitigation(s):_** None. 
\n** \nCVE ID: **[**_CVE-2014-0857_**](<https://vulners.com/cve/CVE-2014-0857>) **(PI07808)** ** \n \nDESCRIPTION: **IBM WebSphere Application Server Administrative Console could allow a network attacker to obtain sensitive information caused by improper handling of requests and exploit this vulnerability to gain unauthorized access to the Server.** \n \nCVSS:** _ \n \nCVSS Base Score: 4.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/90863_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90863>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:S/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing APAR PI07808 for IBM WebSphere Application Server as noted below: ** \n \nFor IBM WebSphere Application Server Full Profile** ** \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later.[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later. \n \n** \n****_Workaround(s):_** None **_ \nMitigation(s):_** none \n** \n \nCVE ID: **[**_CVE-2014-0859_**](<https://vulners.com/cve/CVE-2014-0859>) **(PI08892)** ** \n \nDESCRIPTION: **IBM WebSphere Application server using the web server plugin that is configured to retry failed POST requests may be vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause the Application Server to crash. 
\n** \nCVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/90879_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90879>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI08892, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n** \nCVE ID:** [**_CVE-2013-6438_**](<https://vulners.com/cve/CVE-2013-6438>) **(PI09345)** \n**DESCRIPTION**: IBM HTTP Server may be vulnerable to a buffer overflow in the optional mod_dav module when using mod_dav addons. A remote attacker could overflow a buffer and cause a denial of service. 
\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/90878_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90878>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n\n**AFFECTED VERSIONS: **This problem affects the IBM HTTP Server component in all editions of WebSphere Application Server and bundling products: \n\u00b7 Version 8.5 \n\u00b7 Version 8 \n\u00b7 Version 7 \n\n\n**REMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical \n\n**_Fix:_**Apply a Fix Pack, PTF or Interim Fix containing APAR PI09345, as noted below: \n\n**For affected IBM HTTP Server for WebSphere Application Server:**\n\n**For V8.5.0.0 through 8.5.5.1 Full Profile:**\n\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 8.5.5.2 or later. \n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 8.0.0.9 or later. \n* \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Interim Fix [PI09345](<http://www-01.ibm.com/support/docview.wss?uid=swg24037538>)\n \n\\-- OR \n* Apply Fix Pack 7.0.0.33 or later.\n \n \n**_Workaround(s):_** Do not use optional mod_dav module. **_ \nMitigation(s):_** none ** \n \nCVE ID: **[**_CVE-2013-6747_**](<https://vulners.com/cve/CVE-2013-6747>)** (PI09443) \n \nDESCRIPTION: **IBM HTTP Server may be vulnerable to a denial of service, caused by an error in the GSKit component. By initiating an SSL/TLS connection using a malformed certificate chain, a remote attacker could exploit this vulnerability to cause the server process to hang or crash. 
\n\n**CVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/89863_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89863>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2013-6747](<http://www-01.ibm.com/support/docview.wss?uid=swg21663941>) for remediation information. ** ** \n \n \n**CVE ID: **[**_CVE-2014-3022_**](<https://vulners.com/cve/CVE-2014-3022>) **(PI09594) \n \nDESCRIPTION: **WebSphere Application Server allows for an information disclosure when an error page is displayed using a specially crafted URL. ** ** \n** \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/93060_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/93060>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI09594, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.[](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. 
\n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0891_**](<https://vulners.com/cve/CVE-2014-0891>) **(PI09786)** ** \n \nDESCRIPTION: **The Proxy and ODR servers of the IBM WebSphere Application Server could allow a network attacker to obtain sensitive information caused by improper handling of requests. \n** \nCVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91286_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91286>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI09786, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.1:**\n* Apply Fix Pack 2 (8.5.5.2), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0965_**](<https://vulners.com/cve/CVE-2014-0965>) **(PI11434)** ** \n \nDESCRIPTION: **WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of SOAP responses. 
\n** \nCVSS:** _ \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92878_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92878>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n* Version 7\n \n** \nREMEDIATION: **The recommended solution is to apply the Fix Pack or PTF for each named product as soon as practical **_ \nFix:_** \nApply a [_Fix Pack or PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>) containing this APAR PI11434, as noted below: ** \n \nFor IBM WebSphere Application Server \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later. [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n \n** \nFor V8.0.0.0 through 8.0.0.8:**\n* Apply Fix Pack 9 (8.0.0.9), or later.\n \n** \nFor V7.0.0.0 through 7.0.0.31:**\n* Apply Fix Pack 33 (7.0.0.33), or later. \n \n**_ \nWorkaround(s):_** None **_ \nMitigation(s):_** none \n \n \n**CVE ID: **[**_CVE-2014-0050_**](<https://vulners.com/cve/CVE-2014-0050>) **(PI12648, PI12926 and PI13162)** ** \n \nDESCRIPTION: **Apache Commons FileUpload used by IBM WebSphere Application Server may be vulnerable to a denial of service. \n** \nCVSS:** \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/90987_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90987>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n** \nAffected Versions/Remediation/Workaround/Mitigation: **Please refer to [WebSphere Application Server Security bulletin for CVE-2014-0050](<http://www-01.ibm.com/support/docview.wss?uid=swg21667254>) for information. 
** \n** \n \n**CVE ID: **[**_CVE-2014-0098_**](<https://vulners.com/cve/CVE-2014-0098>)** (PI13028) \n \nDESCRIPTION: **IBM HTTP Server may be vulnerable to a denial of service, caused by certain cookies being logged in the access log. A remote attacker could exploit this vulnerability to cause the server process to hang or crash. This only affects users that have modified their configuration to add cookie logging. \n\n**CVSS:** _ \nCVSS Base Score: 5.0 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91879_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91879>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:L/Au:N/C:N/I:N/A:P)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2014-0098](<http://www-01.ibm.com/support/docview.wss?uid=swg21667526>) for remediation information. ** \n** \n \n**CVE ID: **[**_CVE-2014-0963_**](<https://vulners.com/cve/CVE-2014-0963>)** (PI17025) \n \nDESCRIPTION: **IBM HTTP Server is affected by a problem with the handling of certain SSL messages. The TLS implementation can, under very specific conditions, cause CPU utilization to rapidly increase. The situation occurs only in a certain error case that causes a single thread to begin looping. If this happens multiple times, more threads will begin to loop and an increase in CPU utilization will be seen. This increase could ultimately result in CPU exhaustion and unresponsiveness of the IBM HTTP Server and other software running on the affected system. \n \nThis issue can affect the availability of the system, but does not impact system confidentiality or integrity. This vulnerability can be remotely exploited, authentication is not required and the exploit is moderately complex. 
\n \nTo determine if your systems are being affected by this issue, you can monitor the CPU utilization for IBM HTTP Server instances, or monitor the mod_mpmstats output written to the ErrorLog. \n\n**CVSS:** _ \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/92844_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92844>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:N/AC:M/Au:N/C:N/I:N/A:C)_\n\n**Affected Versions/Remediation/Workaround/Mitigation**\n\n \nPlease refer to [ WebSphere Application Server Security bulletin for CVE-2014-0963](<http://www-01.ibm.com/support/docview.wss?uid=swg21672843>) for remediation information. ** \n** \n \n**CVE ID: **[**_CVE-2014-0076_**](<https://vulners.com/cve/CVE-2014-0076>) **(PI19700) \n \nDESCRIPTION: **The GSKit component in IBM HTTP Server could allow a local attacker to obtain sensitive information, caused by an implementation error in ECDSA (Elliptic curve Digital Signature Algorithm). 
\n** \nCVSS:** _ \nCVSS Base Score: 2.1 \nCVSS Temporal Score: See _[_https://exchange.xforce.ibmcloud.com/vulnerabilities/91990_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/91990>) _for the current score \nCVSS Environmental Score*: Undefined \nCVSS String: (AV:L/AC:L/Au:N/C:P/I:N/A:N)_ ** \n \nAFFECTED VERSIONS**: The following IBM WebSphere Application Server Versions are affected: \n* Version 8.5 \n* Version 8 \n \n** \nREMEDIATION: ** No action is required unless all of these conditions are met: \n* SSL is enabled\n* IBM HTTP Server is Version 8 or later \n* SSLCipherSpec has enabled ECDHE_ECDSA* ciphers\n* Configured certificate uses an ECC key rather than RSA\n* Configured certificate was created by a tool other than ikeyman or gskcapicmd\n \n**_ \nFix:_** \nIf all of the above conditions are met, then apply the appropriate [_Fix Pack, PTF_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>), or Interim Fix containing APAR PI19700, as noted below. If the SSLFIPSEnable directive is specified, the vulnerability remains after applying the fix. 
As a remediation, disable SSLFIPSEnable, or change any of the above conditions.** \n \nFor affected IBM HTTP Server: \n \nFor V8.5.0.0 through 8.5.5.2:**\n* Apply Fix Pack 3 (8.5.5.3), or later.\n \n\\-- Or -- [](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27004980>)\n* Apply Interim Fix [PI19700](<https://www-304.ibm.com/support/docview.wss?uid=swg24037906>)\n \n** \nFor V8.0.0.0 through 8.0.0.9:**\n* Apply Fix Pack 10 (8.0.0.10), or later.\n \n\\-- Or -- \n* Apply Interim Fix [PI19700](<https://www-304.ibm.com/support/docview.wss?uid=swg24037906>)\n \n** \n****_Workaround(s):_** None **_ \nMitigation(s):_** none \n \n \n \n**IBM SDK: **Please refer to this security bulletin for SDK fixes that were shipped with WebSphere Application Server Version 8.0.0.9 \n<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>\n\n## ", "cvss3": {}, "published": "2022-09-08T00:26:26", "type": "ibm", "title": "Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6323", "CVE-2013-6329", "CVE-2013-6349", "CVE-2013-6438", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0823", "CVE-2014-0857", "CVE-2014-0859", "CVE-2014-0891", "CVE-2014-0963", "CVE-2014-0965", "CVE-2014-3022"], "modified": "2022-09-08T00:26:26", "id": "7623EF01FDC9829334B2D3D28DD6B6F03B2A42D3B32CC0CE319C386E91549037", "href": "https://www.ibm.com/support/pages/node/513555", 
"cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:07:08", "description": "## Question\n\nWhat Technotes exist for the IBM Security Network Protection / IBM QRadar Network Security (XGS) sensor?\n\n## Answer\n\nThe content below includes a list of all technical notes published under IBM Security Network Protection / IBM QRadar Network Security by category and sorted by popularity. Users can expand or collapse each section below using the + / - buttons. As new documentation is released, this content will be updated and new articles added. Click Expand All prior to starting a CTRL-F search. \n\n## IBM QRadar Network Security, IBM Security Network Protection\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[7047980](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | [May 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27047980>) | 2018-05-24 | 1 \n[1998843](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | [IBM QRadar Network Security firmware update 5.4.0 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21998843>) | 2017-05-08 | 2 \n[2010305](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | [Security Bulletin: IBM Security Network Protection is affected by vulnerabilities in OpenSSH (CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10011)](<http://www.ibm.com/support/docview.wss?uid=swg22010305>) | 2018-02-15 | 3 \n[1902736](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | [System requirements for IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21902736>) | 2017-04-14 | 4 \n[2003331](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg22003331>) | 2017-05-15 | 5 \n[2008340](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | [Security 
Bulletin: IBM QRadar Network Security is affected by vulnerabilities in openssh (CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 CVE-2016-6210 CVE-2016-6515)](<http://www.ibm.com/support/docview.wss?uid=swg22008340>) | 2018-02-15 | 6 \n[2008339](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in tcpdump](<http://www.ibm.com/support/docview.wss?uid=swg22008339>) | 2018-02-15 | 7 \n[2008854](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22008854>) | 2018-02-15 | 8 \n[2008853](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc](<http://www.ibm.com/support/docview.wss?uid=swg22008853>) | 2018-02-15 | 9 \n[2009835](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerability in subversion (CVE-2017-9800)](<http://www.ibm.com/support/docview.wss?uid=swg22009835>) | 2018-02-15 | 10 \n[2007316](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0004](<http://www.ibm.com/support/docview.wss?uid=swg22007316>) | 2017-08-24 | 11 \n[2001911](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | [Unable to upgrade IBM QRadar Network Security firmware version 5.3.x to 5.4.x from the inserted USB flash drive.](<http://www.ibm.com/support/docview.wss?uid=swg22001911>) | 2017-12-11 | 12 \n[2007535](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | [Security Bulletin: IBM QRadar Network Security is affected by a less-secure algorithm during negotiations vulnerability (CVE-2017-1491)](<http://www.ibm.com/support/docview.wss?uid=swg22007535>) | 2018-02-15 | 13 
\n[1996987](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | [IBM QRadar Network Security 5.4 Web Services API ](<http://www.ibm.com/support/docview.wss?uid=swg21996987>) | 2017-04-18 | 14 \n[2007918](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | [Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007918>) | 2018-02-15 | 15 \n[1988573](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | [IBM QRadar Network Security (XGS) Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21988573>) | 2017-04-14 | 16 \n[2007554](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in bash (CVE-2016-9401, CVE-2016-7543, CVE-2016-0634)](<http://www.ibm.com/support/docview.wss?uid=swg22007554>) | 2018-02-15 | 17 \n[1995440](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | [Security Bulletin: A vulnerability in Expat XML parser affects IBM Security Network Protection (CVE-2016-0718) ](<http://www.ibm.com/support/docview.wss?uid=swg21995440>) | 2018-02-15 | 18 \n[7049539](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | [Open Mic replay: What is new in the latest XGS firmware updates - 29 March 2017 (Includes link to video; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27049539>) | 2017-04-15 | 19 \n[2007557](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in libtasn1 (CVE-2015-3622, CVE-2015-2806)](<http://www.ibm.com/support/docview.wss?uid=swg22007557>) | 2018-02-15 | 20 \n[2003343](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003343>) | 2018-02-15 | 21 
\n[2007551](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of XML External Entity Injection (CVE-2017-1458)](<http://www.ibm.com/support/docview.wss?uid=swg22007551>) | 2018-02-15 | 22 \n[2004744](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | [Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Linux Kernel](<http://www.ibm.com/support/docview.wss?uid=swg22004744>) | 2018-02-15 | 23 \n[2007315](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | [5.4.0.1-ISS-XGS-All-Models-Hotfix-IF0003 ](<http://www.ibm.com/support/docview.wss?uid=swg22007315>) | 2017-08-24 | 24 \n[2007550](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | [Security Bulletin: IBM QRadar Network Security is affected by potential issues of Cross-Site Scripting (CVE-2017-1457)](<http://www.ibm.com/support/docview.wss?uid=swg22007550>) | 2018-02-15 | 25 \n[2007539](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | [Security Bulletin: IBM QRadar Network Security has updated commons-fileupload for known vulnerabilities (CVE-2016-3092)](<http://www.ibm.com/support/docview.wss?uid=swg22007539>) | 2018-02-15 | 26 \n[2007553](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in Curl (CVE-2016-7167)](<http://www.ibm.com/support/docview.wss?uid=swg22007553>) | 2018-02-15 | 27 \n[1987978](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | [Security Bulletin: Vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2015-5352, CVE-2015-6563, and CVE-2015-6564) ](<http://www.ibm.com/support/docview.wss?uid=swg21987978>) | 2018-02-15 | 28 \n[2005764](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in 
glibc](<http://www.ibm.com/support/docview.wss?uid=swg22005764>) | 2018-02-15 | 29 \n[1979372](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | [Security Bulletin: A vulnerability in libssh2 affects IBM Security Network Protection (CVE-2016-0787) ](<http://www.ibm.com/support/docview.wss?uid=swg21979372>) | 2018-02-15 | 30 \n[1996290](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | [5.3.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21996290>) | 2017-04-14 | 31 \n[2007552](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22007552>) | 2018-02-15 | 32 \n[1988243](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | [5.3.2.3-ISS-XGS-All-Models-Hotfix-IF0007](<http://www.ibm.com/support/docview.wss?uid=swg21988243>) | 2017-04-14 | 33 \n[1993670](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, and CVE-2016-5542)](<http://www.ibm.com/support/docview.wss?uid=swg21993670>) | 2018-02-15 | 34 \n[1996808](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | [5.3.1.11-ISS-XGS-All-Models-Hotfix-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21996808>) | 2017-04-14 | 35 \n[2001802](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0005](<http://www.ibm.com/support/docview.wss?uid=swg22001802>) | 2017-04-18 | 36 \n[1980157](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2015-8629, and CVE-2015-8631) ](<http://www.ibm.com/support/docview.wss?uid=swg21980157>) | 2018-02-15 | 37 
\n[1991724](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21991724>) | 2018-02-15 | 38 \n[1999248](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-8325)](<http://www.ibm.com/support/docview.wss?uid=swg21999248>) | 2018-02-15 | 39 \n[2003045](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | [Security Bulletin: IBM Security Network Protection is affected by Vulnerabilities in GNU Bash](<http://www.ibm.com/support/docview.wss?uid=swg22003045>) | 2018-02-15 | 40 \n[2003046](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | [Security Bulletin: IBM Security Network Protection is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003046>) | 2018-02-15 | 41 \n[2003341](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22003341>) | 2018-02-15 | 42 \n[7049549](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | [IBM Infrastructure Security Support February 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049549>) | 2017-04-15 | 43 \n[2005379](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in glibc (CVE-2017-1000366)](<http://www.ibm.com/support/docview.wss?uid=swg22005379>) | 2018-02-15 | 44 \n[7050074](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | [IBM Infrastructure Security Support June 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050074>) | 2017-07-17 | 45 \n[1961717](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | 
[Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000) ](<http://www.ibm.com/support/docview.wss?uid=swg21961717>) | 2018-02-15 | 46 \n[1992187](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | [IBM QRadar Network Security XGS 5200/7100 fails to start](<http://www.ibm.com/support/docview.wss?uid=swg21992187>) | 2017-05-16 | 47 \n[7050656](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | [IBM Infrastructure Security Support November 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050656>) | 2017-12-18 | 48 \n[1984583](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984583>) | 2018-02-15 | 49 \n[2000992](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | [Blocking tunneled packets in IBM QRadar Network Security XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg22000992>) | 2017-07-16 | 50 \n[2001907](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | [Security Bulletin: Vulnerabilities in GNU C library (glibc) affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg22001907>) | 2018-02-15 | 51 \n[2003633](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | [Security Bulletin: IBM QRadar Network Security is affected by a vulnerability in coreutils (util-linux)](<http://www.ibm.com/support/docview.wss?uid=swg22003633>) | 2018-02-15 | 52 \n[7049861](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | [IBM Infrastructure Security Support April 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27049861>) | 2017-05-20 | 53 \n[7050269](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | [IBM Infrastructure Security Support August 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050269>) | 2017-09-18 | 54 
\n[1961447](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | [Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961447>) | 2018-02-15 | 55 \n[1985122](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21985122>) | 2018-02-15 | 56 \n[1985753](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | [Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection ](<http://www.ibm.com/support/docview.wss?uid=swg21985753>) | 2018-02-15 | 57 \n[1990083](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | [Security Bulletin: Vulnerabilities in busybox affect IBM Security Network Protection (CVE-2014-4607, and CVE-2014-9645 ) ](<http://www.ibm.com/support/docview.wss?uid=swg21990083>) | 2018-02-15 | 58 \n[1994071](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | [Security Bulletin: A vulnerability in GnuPG libgcrypt affects IBM Security Network Protection (CVE-2016-6313) ](<http://www.ibm.com/support/docview.wss?uid=swg21994071>) | 2018-02-15 | 59 \n[1997604](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | [Network interface module population changes on the XGS appliance are not reflected on the managing SiteProtector System](<http://www.ibm.com/support/docview.wss?uid=swg21997604>) | 2017-04-18 | 60 \n[1999246](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | [Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999246>) | 2018-02-15 | 61 \n[2001184](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | [Pressing and holding the power button does not shut down the IBM QRadar Network Security XGS 5200 
appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001184>) | 2017-06-19 | 62 \n[2002507](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM Security Network Protection XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002507>) | 2018-02-15 | 63 \n[7039297](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | [Network Protection documentation update: Setting up SSL inspection for the Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg27039297>) | 2017-08-09 | 64 \n[7049965](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | [IBM Infrastructure Security Support May 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049965>) | 2017-06-27 | 65 \n[7050550](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | [IBM Infrastructure Security Support October 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050550>) | 2018-05-24 | 66 \n[1903520](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | [Microsoft Update fails when Outbound SSL inspection is enabled](<http://www.ibm.com/support/docview.wss?uid=swg21903520>) | 2018-05-01 | 67 \n[1961467](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | [Security Bulletin: Vulnerabilities in GNU glibc affect IBM Security Network Protection (CVE-2013-7423, and CVE-2015-1781) ](<http://www.ibm.com/support/docview.wss?uid=swg21961467>) | 2018-02-15 | 68 \n[1964040](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | [Known Issues for IBM Security Network Protection firmware update 5.3.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21964040>) | 2017-07-17 | 69 \n[1984424](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network 
Protection](<http://www.ibm.com/support/docview.wss?uid=swg21984424>) | 2018-02-15 | 70 \n[1986974](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | [Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21986974>) | 2018-02-15 | 71 \n[1989336](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | [Security Bulletin: Multiple Denial of Service vulnerabilities with Expat might affect IBM HTTP Server used with IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989336>) | 2018-02-15 | 72 \n[1995885](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | [5.3.1.11-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21995885>) | 2017-04-14 | 73 \n[1999162](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2016-8610, and CVE-2017-3731)](<http://www.ibm.com/support/docview.wss?uid=swg21999162>) | 2018-02-15 | 74 \n[1999513](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21999513>) | 2018-02-15 | 75 \n[2002624](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | [Security Bulletin: A vulnerability has been discovered in 40-GbE network interface modules for the IBM QRadar Network Security XGS 7100 appliance (CVE-2016-8106)](<http://www.ibm.com/support/docview.wss?uid=swg22002624>) | 2018-02-15 | 76 \n[2011746](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | [Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel](<http://www.ibm.com/support/docview.wss?uid=swg22011746>) | 2018-05-01 | 77 \n[2011787](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | [Security Bulletin: Multiple 
vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22011787>) | 2018-05-01 | 78 \n[2016549](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | [Security Bulletin: IBM Security Network Protection is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22016549>) | 2018-06-03 | 79 \n[7049238](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | [IBM Infrastructure Security Support November 2016 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049238>) | 2017-10-17 | 80 \n[7049645](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | [IBM Infrastructure Security Support March 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27049645>) | 2018-05-24 | 81 \n[7050420](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | [IBM Infrastructure Security Support September 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050420>) | 2018-01-15 | 82 \n[7050716](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | [IBM Infrastructure Security Support December 2017 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050716>) | 2018-05-24 | 83 \n[7050809](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | [IBM Infrastructure Security Support January 2018 Newsletter](<http://www.ibm.com/support/docview.wss?uid=swg27050809>) | 2018-05-24 | 84 \n[7050900](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | [February 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050900>) | 2018-05-24 | 85 \n[7050972](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | [March 2018 Newsletter from Infrastructure Security Support ](<http://www.ibm.com/support/docview.wss?uid=swg27050972>) | 2018-05-24 | 86 \n[7051105](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | [April 2018 Newsletter from Infrastructure Security Support 
](<http://www.ibm.com/support/docview.wss?uid=swg27051105>) | 2018-05-25 | 87 \n \n\\+ Backups and Recovery\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1669579](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | [Creating snapshots and options on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21669579>) | 2018-05-01 | 1 \n[1974662](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | [Restoring a QRadar Network Security sensor to factory defaults settings](<http://www.ibm.com/support/docview.wss?uid=swg21974662>) | 2017-08-06 | 2 \n[1695898](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | [Reimaging the Security Network Protection (XGS) appliance using the PXE image](<http://www.ibm.com/support/docview.wss?uid=swg21695898>) | 2017-04-14 | 3 \n[1437385](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | [Accessing a recovery CD or DVD for a Proventia or IBM Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg21437385>) | 2018-05-01 | 4 \n \n\\+ Bypass\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1882622](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | [Security Network Protection built-in bypass general information](<http://www.ibm.com/support/docview.wss?uid=swg21882622>) | 2018-05-01 | 1 \n[1695421](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | [Protection interfaces on Network Protection flapping in firmware 5.3.0.2 and earlier](<http://www.ibm.com/support/docview.wss?uid=swg21695421>) | 2018-01-29 | 2 \n[1988927](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | [Hardware bypass can cause port channel to go down on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21988927>) | 2017-09-26 | 3 \n \n\\+ Command Line Interface (CLI)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- 
\n[1984900](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | [Security Network Protection Command Line Interface (CLI) troubleshooting commands](<http://www.ibm.com/support/docview.wss?uid=swg21984900>) | 2018-05-01 | 1 \n[1883213](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | [Capturing network traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883213>) | 2017-10-30 | 2 \n[1903461](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | [Affected processes when restarting services from the CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21903461>) | 2017-08-28 | 3 \n[7045931](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | [Open Mic Webcast: Making use of logs and captures on the XGS - Wednesday, 24 June 2015 [includes link to recording; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045931>) | 2018-05-23 | 4 \n[1990297](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | [DPI reenabled after manually disabling it on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21990297>) | 2017-11-06 | 5 \n[1966577](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | [\"Command failure\" when checking interface status on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966577>) | 2017-04-14 | 6 \n[1970266](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | [System shutdown produces irq 16 error on XGS 7100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21970266>) | 2017-04-14 | 7 \n \n\\+ Documentation\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1974231](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | [Security Bulletin: CBC mode ciphers, weak MD5 and MAC algorithms vulnerabilities in OpenSSH affect IBM Security Network Protection (CVE-2008-5161) ](<http://www.ibm.com/support/docview.wss?uid=swg21974231>) | 
2018-02-15 | 1 \n[1986450](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | [IBM Security Network Protection firmware update 5.3.3 release notes ](<http://www.ibm.com/support/docview.wss?uid=swg21986450>) | 2018-05-28 | 2 \n[1996724](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | [IBM Security Network Protection firmware update 5.3.3.2 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996724>) | 2017-04-14 | 3 \n[1993418](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | [Stacking IBM Security Network Protection XGS Appliance 7100 ](<http://www.ibm.com/support/docview.wss?uid=swg21993418>) | 2017-07-12 | 4 \n[1984078](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | [IBM Security Network Protection firmware update 5.3.2.3 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984078>) | 2017-05-10 | 5 \n[1687204](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | [IBM Security Network Protection 5.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21687204>) | 2017-10-16 | 6 \n[1993057](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | [IBM Security Network Protection firmware update 5.3.3.1 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993057>) | 2017-04-14 | 7 \n[1986529](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | [IBM Security Network Protection XGS Appliance Machine Code Updates for the firmware update 5.3.3.](<http://www.ibm.com/support/docview.wss?uid=swg21986529>) | 2018-05-27 | 8 \n[1968171](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | [IBM Security Network Protection firmware update 5.3.2 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21968171>) | 2017-04-14 | 9 \n[1997036](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | [Optimizing packet processing for an IBM Security Network Protection XGS 7100 appliance with network interface module (NIM) bays partially 
populated](<http://www.ibm.com/support/docview.wss?uid=swg21997036>) | 2017-04-14 | 10 \n[1902372](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | [Using the Infrastructure Security support forum in dW Answers](<http://www.ibm.com/support/docview.wss?uid=swg21902372>) | 2018-05-01 | 11 \n[1996693](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | [Blocking HTTPS websites using domain category objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996693>) | 2018-05-23 | 12 \n[1996771](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | [IBM Security Network Protection firmware update 5.3.2.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996771>) | 2017-04-14 | 13 \n[1988993](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | [IBM Security Network Protection firmware update 5.3.2.4 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21988993>) | 2017-04-14 | 14 \n[1993417](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | [Configuring IBM Security Network Protection 5.3.3.1 to use flow data collector mode](<http://www.ibm.com/support/docview.wss?uid=swg21993417>) | 2017-04-14 | 15 \n[1694966](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | [IBM Security Network Protection 5.3.1 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21694966>) | 2017-06-27 | 16 \n[1968449](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | [IBM Security Network Protection firmware update 5.3.1.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21968449>) | 2017-04-14 | 17 \n[1978185](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | [IBM Security Network Protection firmware update 5.3.2.2 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21978185>) | 2017-04-14 | 18 \n[1974242](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | [Security Bulletin: A vulnerability in the GSKit component of IBM Security Network 
Protection Why (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974242>) | 2017-04-14 | 19 \n[1993327](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | [IBM Security Network Protection firmware update 5.3.2.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993327>) | 2017-04-14 | 20 \n[1971777](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | [Automated Service and Support on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21971777>) | 2017-04-14 | 21 \n[1986088](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | [Configuring Address objects for the Management Access Policy on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986088>) | 2017-08-24 | 22 \n[1997651](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | [Configuring Remote Syslog over TLS for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21997651>) | 2018-01-08 | 23 \n[1688361](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | [Understanding the term User Overridden in regard to security event configurations on GX and XGS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21688361>) | 2018-05-01 | 24 \n[1971601](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | [IBM Security Network Protection firmware update 5.3.1.6 Readme ](<http://www.ibm.com/support/docview.wss?uid=swg21971601>) | 2017-10-17 | 25 \n[1974524](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | [IBM Security Network Protection firmware update 5.3.1.7 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21974524>) | 2017-04-14 | 26 \n[1975225](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | [Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975225>) | 2017-04-14 | 27 \n[1989026](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) 
| [IBM Security Network Protection firmware update 5.3.1.10 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21989026>) | 2017-04-14 | 28 \n[2003106](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | [Reduce link propagation duration on IBM QRadar Network Security (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg22003106>) | 2017-09-13 | 29 \n[1683071](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | [Security Network Protection Appliance (XGS) stuck in debug mode](<http://www.ibm.com/support/docview.wss?uid=swg21683071>) | 2018-05-01 | 30 \n[1977808](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | [IBM Security Network Protection 5.3.3 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21977808>) | 2018-05-01 | 31 \n[1990337](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | [Using RESTful API to modify policies on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21990337>) | 2017-04-14 | 32 \n[1993329](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | [IBM Security Network Protection firmware update 5.3.1.11 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21993329>) | 2017-04-14 | 33 \n[1966695](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2015-5621) ](<http://www.ibm.com/support/docview.wss?uid=swg21966695>) | 2017-04-14 | 34 \n[1966972](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | [Security Bulletin: Vulnerabilities in curl affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21966972>) | 2017-04-14 | 35 \n[1977281](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-7547)](<http://www.ibm.com/support/docview.wss?uid=swg21977281>) | 2017-04-14 | 36 
[1692722](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | [Requirement for managing the IBM Security Network Protection appliance in a NAT environment using the IBM Security SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21692722>) | 2017-04-14 | 37
[1996773](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | [IBM Security Network Protection firmware update 5.3.1.12 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21996773>) | 2017-04-14 | 38
[2004898](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | [SNMP interface name association on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004898>) | 2017-10-02 | 39
[1965877](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | [Security Bulletin: A vulnerability in net-snmp affects IBM Security Network Protection (CVE-2014-3565)](<http://www.ibm.com/support/docview.wss?uid=swg21965877>) | 2017-04-14 | 40
[1967057](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | [Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Security Network Protection (CVE-2015-3183, and CVE-2015-1283)](<http://www.ibm.com/support/docview.wss?uid=swg21967057>) | 2017-04-14 | 41
[1978181](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | [IBM Security Network Protection firmware update 5.3.1.8 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21978181>) | 2017-04-14 | 42
[1978438](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21978438>) | 2017-04-14 | 43
[1662537](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | [Fingerprint USB flash drives are unable to reimage an XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21662537>) | 2017-04-14 | 44
[1665106](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0002](<http://www.ibm.com/support/docview.wss?uid=swg21665106>) | 2017-04-14 | 45
[1964539](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | [Security Bulletin: Vulnerabilities in libuser affect IBM Security Network Protection (CVE-2015-3245, CVE-2015-3246)](<http://www.ibm.com/support/docview.wss?uid=swg21964539>) | 2017-04-14 | 46
[1966578](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405)](<http://www.ibm.com/support/docview.wss?uid=swg21966578>) | 2017-04-14 | 47
[1967169](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2014-8121)](<http://www.ibm.com/support/docview.wss?uid=swg21967169>) | 2017-04-14 | 48
[1969664](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | [Security Bulletin: A vulnerability in Libxml affects IBM Security Network Protection (CVE-2015-1819)](<http://www.ibm.com/support/docview.wss?uid=swg21969664>) | 2017-04-14 | 49
[1972209](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | [Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345)](<http://www.ibm.com/support/docview.wss?uid=swg21972209>) | 2017-04-14 | 50
[1972382](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21972382>) | 2017-04-14 | 51
[1974423](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | [5.3.1.6-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21974423>) | 2017-12-11 | 52
[1974550](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | [Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Protection (CVE-2015-3194, CVE-2015-3195, and CVE-2015-3196)](<http://www.ibm.com/support/docview.wss?uid=swg21974550>) | 2017-04-14 | 53
[1974989](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | [Security Bulletin: A vulnerability in SQLite affects IBM Security Network Protection (CVE-2015-3416)](<http://www.ibm.com/support/docview.wss?uid=swg21974989>) | 2017-04-14 | 54
[1975835](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975835>) | 2017-04-14 | 55
[1979393](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | [Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)](<http://www.ibm.com/support/docview.wss?uid=swg21979393>) | 2017-04-14 | 56
[1984069](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | [IBM Security Network Protection firmware update 5.3.1.9 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21984069>) | 2017-05-09 | 57
[1993419](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | [Configuring logon session limit for IBM Security Network Protection 5.3.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21993419>) | 2017-04-14 | 58

\+ Firmware

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1688434](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | [Generating a support file on the IBM Security Network Protection appliance (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21688434>) | 2017-04-14 | 1
[1883739](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | [SNMP OID list for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21883739>) | 2018-05-01 | 2
[1685000](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | [IBM Security Network Protection (XGS) appliance reimage instructions using the USB device](<http://www.ibm.com/support/docview.wss?uid=swg21685000>) | 2017-04-14 | 3
[2010780](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | [IBM QRadar Network Security firmware update 5.4.0.3 readme](<http://www.ibm.com/support/docview.wss?uid=swg22010780>) | 2017-12-13 | 4
[2007210](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | [IBM QRadar Network Security firmware update 5.4.0.2 readme](<http://www.ibm.com/support/docview.wss?uid=swg22007210>) | 2017-12-05 | 5
[1959896](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | [Migrate policies before running Security Network Protection firmware updates](<http://www.ibm.com/support/docview.wss?uid=swg21959896>) | 2018-01-29 | 6
[2002664](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | [IBM QRadar Network Security firmware update 5.4.0.1 readme](<http://www.ibm.com/support/docview.wss?uid=swg22002664>) | 2017-12-05 | 7
[2010783](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | [IBM Security Network Protection firmware update 5.3.3.5 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010783>) | 2017-12-13 | 8
[2002662](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | [IBM Security Network Protection firmware update 5.3.3.3 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22002662>) | 2017-06-19 | 9
[2007211](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | [IBM Security Network Protection firmware update 5.3.3.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007211>) | 2017-09-28 | 10
[1681609](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | [Mapping SiteProtector IBM QRadar Network Security IQNS (XGS) policy names to local appliance XML files](<http://www.ibm.com/support/docview.wss?uid=swg21681609>) | 2018-05-01 | 11
[2010784](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | [IBM Security Network Protection firmware update 5.3.1.15 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22010784>) | 2017-12-13 | 12
[1691157](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | [Security Network protection (XGS) Shared Object policies that are replaced after upgrade DBSP 3.1.1.2 and 3.1.1.3](<http://www.ibm.com/support/docview.wss?uid=swg21691157>) | 2018-05-01 | 13
[1964460](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | [IBM Security Network Protection Firmware Version 5.3.1.3 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21964460>) | 2017-08-24 | 14
[1961419](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | [IBM Security Network Protection Firmware Version 5.3.1.2 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21961419>) | 2017-10-16 | 15
[1990406](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | [Upgrade to IBM Security Network Protection (XGS) Firmware version 5.3.3 fails and causes the appliance un-configured.](<http://www.ibm.com/support/docview.wss?uid=swg21990406>) | 2017-04-14 | 16
[2007212](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | [IBM Security Network Protection firmware update 5.3.1.14 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22007212>) | 2017-09-28 | 17
[1902801](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | [IBM Infrastructure Security versioning information](<http://www.ibm.com/support/docview.wss?uid=swg21902801>) | 2017-08-24 | 18
[1961660](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | [Security Bulletin: Vulnerabilities in unzip affect IBM Security Network Protection (CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, and CVE-2014-9636)](<http://www.ibm.com/support/docview.wss?uid=swg21961660>) | 2018-02-15 | 19
[7047165](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | [Open Mic Webcast: What is new in the XGS v5.3.2 firmware release? - 9 December 2015 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047165>) | 2017-04-15 | 20
[1691283](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | [Missing SiteProtector Management page after updating to 5.3 firmware](<http://www.ibm.com/support/docview.wss?uid=swg21691283>) | 2018-05-01 | 21
[1961670](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | [Security Bulletin: Vulnerabilities in Kerberos (krb5) affect IBM Security Network Protection (CVE-2014-5352, CVE-2014-5353, CVE-2014-5355, CVE-2014-9421, and CVE-2014-9422)](<http://www.ibm.com/support/docview.wss?uid=swg21961670>) | 2018-02-15 | 22
[7048510](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | [Open Mic Webcast: About the XGS 5.3.3 firmware release - 25 August 2016 [includes link to replay] [presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048510>) | 2017-04-15 | 23
[1957677](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | [Upgrading multiple firmware versions at one time on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21957677>) | 2017-08-09 | 24
[1959774](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | [IBM Security Network Protection Firmware Version 5.3.1.1 Release Notes](<http://www.ibm.com/support/docview.wss?uid=swg21959774>) | 2018-05-01 | 25
[1961454](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | [Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21961454>) | 2018-02-15 | 26
[1965761](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | [Network Protection Firmware Version 5.3.1.4 Readme](<http://www.ibm.com/support/docview.wss?uid=swg21965761>) | 2017-08-24 | 27
[1989974](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | [Unconfigured state after upgrading from 5.2 or 5.3.0.x to 5.3.3 on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989974>) | 2017-10-02 | 28
[2002663](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | [IBM Security Network Protection firmware update 5.3.1.13 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22002663>) | 2017-06-19 | 29
[2014163](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | [IBM Security Network Protection firmware update 5.3.1.16 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014163>) | 2018-05-01 | 30
[2014164](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | [IBM Security Network Protection firmware update 5.3.3.6 Readme](<http://www.ibm.com/support/docview.wss?uid=swg22014164>) | 2018-05-01 | 31
[2014165](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | [IBM QRadar Network Security firmware update 5.4.0.4 readme](<http://www.ibm.com/support/docview.wss?uid=swg22014165>) | 2018-05-01 | 32
[2015856](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | [End of support (EOS) announcement: IBM Security Network Protection (XGS) firmware versions 5.3.1 and 5.3.3](<http://www.ibm.com/support/docview.wss?uid=swg22015856>) | 2018-05-13 | 33

\+ Fix Packs

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1696498](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | [5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21696498>) | 2017-04-14 | 1

\+ General Information

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1644709](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | [IBM Security Network Protection XGS Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21644709>) | 2018-05-15 | 1
[1993939](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | [IBM Qradar Network Security (IQNS) is Unhealthy in SiteProtector, with health check message: "Management Certificate Authorities Status"](<http://www.ibm.com/support/docview.wss?uid=swg21993939>) | 2018-05-01 | 2
[1994106](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | [Error: "BUG: soft lockup - CPU#1 stuck for 67s!" on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21994106>) | 2018-05-23 | 3
[1662575](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | [Configuring the IBM Security Network Protection (XGS) remote syslog to send events to QRadar SIEM](<http://www.ibm.com/support/docview.wss?uid=swg21662575>) | 2017-04-14 | 4
[1970829](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | [Call home server IP addresses for automated Service and Support requests](<http://www.ibm.com/support/docview.wss?uid=swg21970829>) | 2017-10-06 | 5
[7050516](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | [Open Mic Webcast: Frequently asked How-to questions for XGS - Thursday, 7 December 2017 (Includes link to replay; presentation is attached)](<http://www.ibm.com/support/docview.wss?uid=swg27050516>) | 2017-12-14 | 6
[1683796](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | [Configuring the management IP on the QRadar Network Security (XGS) appliance via serial console](<http://www.ibm.com/support/docview.wss?uid=swg21683796>) | 2018-05-01 | 7
[1639239](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | [ISS.mib file download](<http://www.ibm.com/support/docview.wss?uid=swg21639239>) | 2017-08-24 | 8
[1980543](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | [Checking the health of Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980543>) | 2018-05-29 | 9
[1969670](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | [Security Bulletin: A vulnerability in OpenSSH affects IBM Security Network Protection (CVE-2015-5600)](<http://www.ibm.com/support/docview.wss?uid=swg21969670>) | 2017-04-14 | 10
[1608008](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | [IBM Security Network Protection XGS 5000 Appliance Support Lifecycle](<http://www.ibm.com/support/docview.wss?uid=swg21608008>) | 2018-05-01 | 11
[1983893](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | [XFF header configuration on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983893>) | 2018-06-01 | 12
[1690064](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | [The Security Network Protection appliance Certificate Authority expires soon](<http://www.ibm.com/support/docview.wss?uid=swg21690064>) | 2018-05-01 | 13
[1687475](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | [Some XGS events are being allowed after setting the Block response](<http://www.ibm.com/support/docview.wss?uid=swg21687475>) | 2017-09-04 | 14
[1972163](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | [Security Network Protection (XGS) is in Offline status but events are seen in the SiteProtector Console](<http://www.ibm.com/support/docview.wss?uid=swg21972163>) | 2017-04-14 | 15
[1715537](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | [Known issues for IBM Security Network Protection version 5.3.1](<http://www.ibm.com/support/docview.wss?uid=swg21715537>) | 2018-05-04 | 16
[1667625](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | [Packet flow through the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667625>) | 2018-05-01 | 17
[1973893](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | [Resolving "certificate is invalid" errors between SiteProtector and Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21973893>) | 2017-04-14 | 18
[1981483](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | [Resetting admin account credentials on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21981483>) | 2017-08-02 | 19
[1972077](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | [Registering a Security Network Protection appliance to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21972077>) | 2017-04-14 | 20
[1980541](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | [Create alerts based on specific Security Network Protection (XGS) system alerts](<http://www.ibm.com/support/docview.wss?uid=swg21980541>) | 2017-04-14 | 21
[1981030](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | [OpenSignature setup and rule creation for IBM Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21981030>) | 2017-04-14 | 22
[2001013](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | [How to verify if FIPS mode is enabled on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22001013>) | 2018-05-01 | 23
[1983883](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | [Changing the hostname and agent name of a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983883>) | 2017-08-09 | 24
[7046863](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | [Open Mic Webcast: XGS High Availability and Bypass - 28 October 2015 [presentation is attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046863>) | 2017-04-15 | 25
[1968313](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | [Unable to open or edit Security Network Protection (XGS) policies from SiteProtector Console.](<http://www.ibm.com/support/docview.wss?uid=swg21968313>) | 2017-09-04 | 26
[7046480](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | [Open Mic Webcast: Configuring OpenSignature (SNORT) on XGS - 23 September 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046480>) | 2017-04-15 | 27
[1695933](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | [Determining the hostname, MAC, and IP address of a QRadar Network Security appliance from a support file](<http://www.ibm.com/support/docview.wss?uid=swg21695933>) | 2018-05-23 | 28
[1982555](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | [Network Time Policy (NTP) cannot be modified](<http://www.ibm.com/support/docview.wss?uid=swg21982555>) | 2018-05-01 | 29
[1995795](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | [Replacing the self-signed certificate on Security Network Protection appliances](<http://www.ibm.com/support/docview.wss?uid=swg21995795>) | 2018-03-05 | 30
[1974447](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | [Exporting a previous policy version for QRadar Network Security in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21974447>) | 2018-02-25 | 31
[1981482](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | [Hardening the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981482>) | 2018-05-21 | 32
[2008040](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | [Support for defanged IP addresses and URLs on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22008040>) | 2017-09-13 | 33
[2003988](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | [Troubleshooting and tuning the Malware Analysis feature in QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22003988>) | 2018-05-28 | 34
[2011003](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | [Verifying that NTP is working on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011003>) | 2018-05-01 | 35
[1984940](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | [The number of concurrent sessions of IBM Security Network Protection differs from that on the data sheet.](<http://www.ibm.com/support/docview.wss?uid=swg21984940>) | 2017-05-24 | 36
[2010544](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | [Error: "anyAddress: required field is null" when saving a Host Address object for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22010544>) | 2017-12-13 | 37
[1970499](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | [QRadar Network Security is Unhealthy in SiteProtector due to disconnected monitoring interfaces](<http://www.ibm.com/support/docview.wss?uid=swg21970499>) | 2017-09-26 | 38
[1977762](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | [Inspecting IPv6 traffic that uses the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21977762>) | 2018-05-01 | 39
[2002825](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | [Troubleshooting email responses not working on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22002825>) | 2018-05-01 | 40
[7049119](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | [Open Mic Webcast: XGS version 5.3.3.1 - Wednesday, December 14, 2016 (Includes link to replay and corrected slide deck)](<http://www.ibm.com/support/docview.wss?uid=swg27049119>) | 2017-04-15 | 41
[1959895](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | [Locating CVE-related bulletins for your Infrastructure Security product](<http://www.ibm.com/support/docview.wss?uid=swg21959895>) | 2017-08-24 | 42
[1994079](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | [ISNP/IQNS (XGS) Open Mic Presentation Index](<http://www.ibm.com/support/docview.wss?uid=swg21994079>) | 2017-06-05 | 43
[7048201](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | [Open Mic Webcast: A new vulnerability has been discovered - How do I protect my network using IBM Network Security Protection? Thursday, 30 June 2016 [Includes link to replay. Presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048201>) | 2017-04-15 | 44
[1688889](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | [XGS reports an event matching a non-existent rule in the Network Access Policy](<http://www.ibm.com/support/docview.wss?uid=swg21688889>) | 2017-08-04 | 45
[1690336](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | [Migrate XGS policies before running 5.3 firmware update](<http://www.ibm.com/support/docview.wss?uid=swg21690336>) | 2017-09-04 | 46
[1967068](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | ["Verifying checksums..." displayed on the LCD of the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21967068>) | 2017-10-17 | 47
[1996658](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | [IBM Security Network Protection (XGS) generated support file has 0 Kb file size](<http://www.ibm.com/support/docview.wss?uid=swg21996658>) | 2018-05-01 | 48
[7048226](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | [IBM Support Open Mic Replay: Ask the InfraStructure Security Experts - 27 July 2016 [OpenSignature presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27048226>) | 2017-04-15 | 49
[1645456](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | [Must exclude protection interface IP address from proxy configuration for IBM Security Network Protection appliances placed between users and proxy servers](<http://www.ibm.com/support/docview.wss?uid=swg21645456>) | 2017-04-14 | 50
[1685118](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | [Issues with Firefox version 31.x and 32.x and outbound SSL inspection using the IBM Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21685118>) | 2017-08-29 | 51
[1697063](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | [Fixes included in 5.3.0.4-ISS-XGS-All-Models-Hotfix-FP0002](<http://www.ibm.com/support/docview.wss?uid=swg21697063>) | 2017-04-14 | 52
[1701033](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | [SNMP traffic lists protection interface address as source IP address](<http://www.ibm.com/support/docview.wss?uid=swg21701033>) | 2017-04-14 | 53
[1884020](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | [SiteProtector System does not display correct IP address for Network Security appliance in NAT environment](<http://www.ibm.com/support/docview.wss?uid=swg21884020>) | 2017-04-14 | 54
[1993269](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | [Firewall rules necessary to ensure X-Force Exchange site access](<http://www.ibm.com/support/docview.wss?uid=swg21993269>) | 2017-04-14 | 55
[1993349](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | [Impact of the 2016-12-31 leap second IBM Security Infrastructure products](<http://www.ibm.com/support/docview.wss?uid=swg21993349>) | 2018-05-23 | 56
[2002060](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | [ISNP/IQNS (XGS) YouTube Video Index](<http://www.ibm.com/support/docview.wss?uid=swg22002060>) | 2017-07-05 | 57
[7046993](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | [Open Mic Webcast: So I just deployed the IBM Security Network Protection Appliance - what do I do next? 18 November 2015 [Includes link to replay] [Slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27046993>) | 2017-06-05 | 58
[1599354](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | [Security Systems My Notifications subscription instructions](<http://www.ibm.com/support/docview.wss?uid=swg21599354>) | 2017-04-14 | 59
[1655377](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | [Security Bulletin: Security Network Protection is affected by a cross-site scripting vulnerability (CVE-2013-5442)](<http://www.ibm.com/support/docview.wss?uid=swg21655377>) | 2018-02-15 | 60
[1667602](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | [Encryption used by the Network Protection (XGS) when communicating with ibmxpu.flexnetoperations.com](<http://www.ibm.com/support/docview.wss?uid=swg21667602>) | 2018-05-01 | 61
[1688002](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | [Known Issues for IBM Security Network Protection Firmware Version 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21688002>) | 2017-04-14 | 62
[1692094](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | [Network Protection policies are missing from SiteProtector after upgrading firmware to 5.3 or 5.3.0.1](<http://www.ibm.com/support/docview.wss?uid=swg21692094>) | 2018-05-01 | 63
[1697667](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | [5.3.0.1-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21697667>) | 2017-04-14 | 64
[1963637](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | [Disabling QRadar Network Security event posting to SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21963637>) | 2017-09-26 | 65
[1966075](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | [Severity-based event responses on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966075>) | 2017-09-11 | 66
[1969771](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | [Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)](<http://www.ibm.com/support/docview.wss?uid=swg21969771>) | 2017-04-14 | 67
[1980537](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | [Disabling TCP timestamps on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980537>) | 2018-05-28 | 68
[1984726](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | [Security Network Protection (XGS) appliances send packets out of order](<http://www.ibm.com/support/docview.wss?uid=swg21984726>) | 2018-05-01 | 69
[1988858](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | [Determine whether the XGS 5100 requires a 5.3.2.3 LCD Hotfix](<http://www.ibm.com/support/docview.wss?uid=swg21988858>) | 2017-08-24 | 70
[7048767](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | [Open Mic replay: Basic Troubleshooting of XGS - 22 September 2016](<http://www.ibm.com/support/docview.wss?uid=swg27048767>) | 2017-04-15 | 71
[1643250](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | [IBM Security Systems Infrastructure product aliases](<http://www.ibm.com/support/docview.wss?uid=swg21643250>) | 2017-09-04 | 72
[1665279](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | [Security Bulletin: IBM Security Network Protection System can be affected by vulnerabilities in Ruby on Rails and the Ruby language (CVE-2013-4492, CVE-2013-4164)](<http://www.ibm.com/support/docview.wss?uid=swg21665279>) | 2018-02-15 | 73
[1686343](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | [Confirm user name and reset password for the Logon-event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21686343>) | 2018-05-01 | 74
[1689782](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | [System Error Top 10 Applications: Unable to retrieve the data requested](<http://www.ibm.com/support/docview.wss?uid=swg21689782>) | 2017-04-14 | 75
[1987547](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | [Where can a customer obtain information about new network attacks?](<http://www.ibm.com/support/docview.wss?uid=swg21987547>) | 2017-07-08 | 76
[1987984](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | [System Event code list for IBM Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21987984>) | 2018-06-03 | 77
[1988153](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | [Obtaining information about protection against new network attacks](<http://www.ibm.com/support/docview.wss?uid=swg21988153>) | 2017-09-18 | 78
[2011432](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | [FNXUD0002I system events in Monitoring mode on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22011432>) | 2018-02-19 | 79

\+ Hardware

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1680286](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | [IBM QRadar Network Security IQNS (XGS) 3100/4100/5100/7100 hardware comparison and NIM configurations](<http://www.ibm.com/support/docview.wss?uid=swg21680286>) | 2018-05-01 | 1
[1455876](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | [Obtaining the serial number and model number from an IBM Security or Proventia appliance](<http://www.ibm.com/support/docview.wss?uid=swg21455876>) | 2018-01-01 | 2
[1684986](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | [Running Platform Hardware Diagnostics utility on the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21684986>) | 2018-05-01 | 3
[1691051](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | [IBM QRadar Network Security IQNS (XGS) appliance High Availability (HA) cabling guide](<http://www.ibm.com/support/docview.wss?uid=swg21691051>) | 2018-05-01 | 4
[1697576](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | [IBM Security RMA form](<http://www.ibm.com/support/docview.wss?uid=swg21697576>) | 2018-05-01 | 5
[1962052](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | [Customer Replaceable Unit (CRU) parts for IBM Infrastructure Security products](<http://www.ibm.com/support/docview.wss?uid=swg21962052>) | 2017-04-14 | 6
[1959769](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | [LED status indicators on the IBM Security Network Protection (XGS) and IBM Security Network Intrusion Prevention System (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959769>) | 2018-05-01 | 7
[1959487](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | [Locating the serial number on IBM Security Network Protection (XGS) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21959487>) | 2018-05-01 | 8
[1984376](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | [The Security Network Protection XGS 5100 10G NIMs are not recognized](<http://www.ibm.com/support/docview.wss?uid=swg21984376>) | 2017-08-28 | 9
[1964988](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | [Configuring management interface link speed and duplex settings for QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964988>) | 2017-09-04 | 10
[1980532](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | [IBM Security Network Protection (XGS) 7100 requires Network Interface Modules (NIM) with firmware 1.6.0 or higher](<http://www.ibm.com/support/docview.wss?uid=swg21980532>) | 2017-04-14 | 11
[2004899](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | [Hardware health check interval on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004899>) | 2017-11-10 | 12
[1977921](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | [Speed and duplex settings are grayed out when using a 10G NIM module on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21977921>) | 2018-05-06 | 13
[2004680](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | [Manufacturing information for IBM Security hardware](<http://www.ibm.com/support/docview.wss?uid=swg22004680>) | 2018-05-21 | 14
[1883752](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | [Fiber optic cable types that can be used with the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21883752>) | 2017-04-14 | 15
[1903077](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | [Log information indicating A/C power reset is needed on IQNS](<http://www.ibm.com/support/docview.wss?uid=swg21903077>) | 2018-05-01 | 16
[1987913](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | [Link down to the network switch after restarting IBM Security Network Protection XGS 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987913>) | 2017-04-14 | 17
[2001134](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | [Securely wipe a QRadar Network Security appliance](<http://www.ibm.com/support/docview.wss?uid=swg22001134>) | 2018-05-06 | 18
[1977445](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | [QRadar Network Security support for USB 3.0](<http://www.ibm.com/support/docview.wss?uid=swg21977445>) | 2018-05-01 | 19

\+ Identity

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1667633](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | [Policy differences between the Security Network IPS and Security Network Protection System](<http://www.ibm.com/support/docview.wss?uid=swg21667633>) | 2018-05-01 | 1
[1980526](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | [Error: "side-by-side configuration is incorrect" when starting Security Logon Event Scanner](<http://www.ibm.com/support/docview.wss?uid=swg21980526>) | 2017-06-10 | 2
[1593164](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | [Downloading the Security Logon-event Scanner software](<http://www.ibm.com/support/docview.wss?uid=swg21593164>) | 2017-06-10 | 3
[1981955](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | [Common issues when configuring Passive Authentication and the Logon-event Scanner for the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21981955>) | 2017-04-23 | 4
[1980531](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | [Security Network Protection Passive Authentication is logging events from authenticated users as "unauthenticated user"](<http://www.ibm.com/support/docview.wss?uid=swg21980531>) | 2017-08-02 | 5
[1990089](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | [Installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990089>) | 2017-05-24 | 6
[1667487](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | [Authentication portal session timeout information for the Security Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21667487>) | 2018-05-01 | 7
[1698729](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | [Error when adding Remote Identity Objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698729>) | 2017-04-14 | 8
[1990094](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | [No active sessions in Security Network Protection (XGS) after installing Logon-event Scanner version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990094>) | 2017-07-12 | 9
[2004901](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | [Active Directory authentication fails on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004901>) | 2017-12-13 | 10
[1695029](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | [Configuring protection interfaces for the Captive Authentication portal](<http://www.ibm.com/support/docview.wss?uid=swg21695029>) | 2018-05-01 | 11
[1672960](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | [Error when trying to add Remote Identity objects on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21672960>) | 2017-09-26 | 12
[1696727](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | [Logon-event Scanner service stops on the Active Directory server](<http://www.ibm.com/support/docview.wss?uid=swg21696727>) | 2018-05-01 | 13
[1990090](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | [Managing Logon-event Scanner Version 7.0](<http://www.ibm.com/support/docview.wss?uid=swg21990090>) | 2017-04-14 | 14
[1649622](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | [Inbound connections fail when user authentication does not include a destination object specifying which adapters are external](<http://www.ibm.com/support/docview.wss?uid=swg21649622>) | 2017-04-14 | 15
[1696728](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | [Logon-event Scanner is unable to process Russian characters](<http://www.ibm.com/support/docview.wss?uid=swg21696728>) | 2017-04-14 | 16
[1973114](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | [Security Logon-event Scanner does not report active sessions when domain names do not match](<http://www.ibm.com/support/docview.wss?uid=swg21973114>) | 2017-04-23 | 17
[1975846](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | [Network Protection (XGS) - Passively authenticated users or group-based NAP rules do not match](<http://www.ibm.com/support/docview.wss?uid=swg21975846>) | 2018-05-01 | 18
[1980530](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | [Security Logon-event Scanner Domain Administrator account is not seen as an active session by the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980530>) | 2018-05-28 | 19
[1980552](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | [Logon-event Scanner can no longer communicate with the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21980552>) | 2017-05-28 | 20

\+ Installation

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1964546](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | [IBM QRadar Network Security IQNS (XGS) and Security Network IPS (GX) cabling guidelines](<http://www.ibm.com/support/docview.wss?uid=swg21964546>) | 2018-05-01 | 1
[1964989](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | [Error: "Character content other than whitespace" after reimaging or updating an XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21964989>) | 2017-09-04 | 2
[1962633](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | [IBM Security Network Protection (XGS) and Network Intrusion Prevention (IPS) install guidelines after a replacement unit (RMA) was received](<http://www.ibm.com/support/docview.wss?uid=swg21962633>) | 2017-06-19 | 3
[1962593](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | [Moving Security Network Protection policies to a new SiteProtector system](<http://www.ibm.com/support/docview.wss?uid=swg21962593>) | 2017-04-14 | 4
[1694346](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | [Security Network Protection (XGS) System error when registing with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21694346>) | 2018-05-01 | 5

\+ Interim Fixes

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1966077](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | [Certificate "expired or is near expiration" message after you import a new LMI certificate on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966077>) | 2017-09-18 | 1
[1677166](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | [Fixes and patches available for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21677166>) | 2018-05-13 | 2
[1700713](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | [IBM Security Network Protection (XGS) firmware 5.3.0.5 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21700713>) | 2018-05-01 | 3
[1961507](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | [Security Network Protection sensor vulnerability to CVE-2014-2532](<http://www.ibm.com/support/docview.wss?uid=swg21961507>) | 2017-10-23 | 4
[1902778](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | [Security Network Protection firmware 5.3.1 release notes](<http://www.ibm.com/support/docview.wss?uid=swg21902778>) | 2018-05-01 | 5
[1960788](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | [5.3.1.1-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21960788>) | 2018-05-01 | 6
[2000334](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | [5.3.3.2-ISS-XGS-All-Models-Hotfix-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg22000334>) | 2017-06-30 | 7
[1959193](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0009](<http://www.ibm.com/support/docview.wss?uid=swg21959193>) | 2018-05-13 | 8
[1959666](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | [5.3.0.6-ISS-XGS-All-Models-IF0002](<http://www.ibm.com/support/docview.wss?uid=swg21959666>) | 2018-05-21 | 9
[1972784](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21972784>) | 2017-04-14 | 10
[1690659](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | [5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001](<http://www.ibm.com/support/docview.wss?uid=swg21690659>) | 2017-04-14 | 11
[1664576](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0002](<http://www.ibm.com/support/docview.wss?uid=swg21664576>) | 2017-04-14 | 12
[1681073](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21681073>) | 2017-06-24 | 13
[1685298](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685298>) | 2018-05-01 | 14
[1685299](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21685299>) | 2018-05-01 | 15
[1685300](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21685300>) | 2018-05-01 | 16
[1685301](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | [5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21685301>) | 2018-05-01 | 17
[1685302](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | [5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0004](<http://www.ibm.com/support/docview.wss?uid=swg21685302>) | 2018-05-01 | 18
[1690850](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | [5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013](<http://www.ibm.com/support/docview.wss?uid=swg21690850>) | 2017-04-14 | 19
[1690851](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | [5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21690851>) | 2017-04-14 | 20
[1693604](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0006](<http://www.ibm.com/support/docview.wss?uid=swg21693604>) | 2017-04-14 | 21
[1696054](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0007](<http://www.ibm.com/support/docview.wss?uid=swg21696054>) | 2018-05-01 | 22
[1700617](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008](<http://www.ibm.com/support/docview.wss?uid=swg21700617>) | 2017-04-23 | 23
[1903749](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | [5.3.0.6-ISS-XGS-All-Models-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21903749>) | 2018-05-01 | 24
[1960784](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP00010](<http://www.ibm.com/support/docview.wss?uid=swg21960784>) | 2018-05-01 | 25
[1960785](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | [5.3.0.6-ISS-XGS-All-Models-IF0003](<http://www.ibm.com/support/docview.wss?uid=swg21960785>) | 2018-05-21 | 26
[1968790](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | [5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0012](<http://www.ibm.com/support/docview.wss?uid=swg21968790>) | 2017-09-26 | 27
[1975563](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | [5.3.1.7-ISS-XGS-All-Models-Hotfix-IF0001](<http://www.ibm.com/support/docview.wss?uid=swg21975563>) | 2017-04-14 | 28

\+ Intrusion Prevention Module (IPM)

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1680386](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | [Migrating existing Security Network IPS policies to the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21680386>) | 2018-05-01 | 1
[1962048](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | [Difference between Allow and Ignore in the IPS Event Filter Policy on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21962048>) | 2017-09-04 | 2
[1695087](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | [Warning: RSYSLOG response: LEEF message is truncated, IBM QRadar Network Security IQNS (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21695087>) | 2018-05-01 | 3
[1958077](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | [XML content of policy export on Network IPS and Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21958077>) | 2017-08-02 | 4
[1660083](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | [QRadar SIEM only logging Network Access events but not IPS Security Events from Security Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21660083>) | 2017-04-14 | 5
[1687457](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | [Certain security events can only be used in the Default IPS policy object on the IBM QRadar Network Security IQNS/XGS sensor](<http://www.ibm.com/support/docview.wss?uid=swg21687457>) | 2018-05-01 | 6
[7047767](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | [XGS Open Mic Webcast: Application Control and IP Reputation Demystified! Thursday, 31 March 2016 [Includes attached presentation and link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27047767>) | 2017-04-15 | 7
[1682385](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | [IBM Qradar Network Security -IQNS (XGS) not firing IPS events after being registered in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21682385>) | 2018-05-01 | 8
[1963728](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | [IBM Security Network Protection (XGS) security events UNIX timestamp conversion tool](<http://www.ibm.com/support/docview.wss?uid=swg21963728>) | 2017-04-16 | 9
[1696200](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | [Logging URL data from Network Access events](<http://www.ibm.com/support/docview.wss?uid=swg21696200>) | 2018-05-01 | 10
[1699305](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | [System error shows "Issue ID: value already exists" when attempting to add/edit IPS Event Filter rules](<http://www.ibm.com/support/docview.wss?uid=swg21699305>) | 2017-04-14 | 11

\+ Licensing and Updates (LUM)

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1679077](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | [Steps to generate or regenerate license keys from the IBM License Key Center](<http://www.ibm.com/support/docview.wss?uid=swg21679077>) | 2018-05-01 | 1
[1680383](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | [IBM QRadar Network Security IQNS (XGS) licensing summary](<http://www.ibm.com/support/docview.wss?uid=swg21680383>) | 2018-05-01 | 2
[1437057](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | [Firewall rules necessary to ensure that IBM Security and Lotus Protector for Mail Security Products can update](<http://www.ibm.com/support/docview.wss?uid=swg21437057>) | 2017-09-10 | 3
[1965396](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | [Best practices for firmware upgrades on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21965396>) | 2017-06-10 | 4
[1961077](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | [Manually applying updates on the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961077>) | 2017-05-13 | 5
[1678995](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | [IBM QRadar Network Security IQNS (XGS) does not apply all currently entitled licenses after it is registered with SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21678995>) | 2018-05-01 | 6
[1964486](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | [Internet access configuration for Application Database updates on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964486>) | 2018-05-01 | 7
[1693920](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | [Network Protection (XGS) firmware update fails to install](<http://www.ibm.com/support/docview.wss?uid=swg21693920>) | 2018-05-01 | 8
[1610380](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | [Adding or Changing Registered End Users (REUs) in Flexera Licensing Key Center (LKC)](<http://www.ibm.com/support/docview.wss?uid=swg21610380>) | 2017-09-07 | 9
[1988156](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | [Security Network Protection license refresh timing in SiteProtector](<http://www.ibm.com/support/docview.wss?uid=swg21988156>) | 2017-04-14 | 10
[1996659](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | [GLGUP1012E alerts on IBM Security Network Protection (XGS) not configured for internet access](<http://www.ibm.com/support/docview.wss?uid=swg21996659>) | 2018-05-01 | 11
[1970863](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | [Possible memory leak in 5.3.1.5 firmware release](<http://www.ibm.com/support/docview.wss?uid=swg21970863>) | 2017-04-14 | 12
[1986089](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | [License expiration date does not change after adding a new license to the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986089>) | 2017-08-28 | 13
[1975847](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | [Unable to find recently purchased licenses for IBM Security products](<http://www.ibm.com/support/docview.wss?uid=swg21975847>) | 2018-05-01 | 14

\+ Local Management Interface (LMI)

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[2007513](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | [Error: "Failed to find an app server" and web interface not accessible on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg22007513>) | 2017-09-08 | 1
[1976862](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | [LMI certificate management on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976862>) | 2018-02-26 | 2
[1983851](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | [Change the Security Network Protection (XGS) default administrator password in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983851>) | 2018-05-01 | 3
[1766545](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | [Configuring multiple accounts for LMI and CLI on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21766545>) | 2018-05-20 | 4
[1983880](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | [Token-based two-factor authentication on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983880>) | 2017-05-28 | 5
[1883738](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | [Disabling weak ciphers for the LMI of the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21883738>) | 2018-02-01 | 6
[1988154](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | [Internet Explorer Compatibility View mode causes LMI issues on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988154>) | 2017-08-28 | 7
[1969071](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | [LMI is inaccessible after replacing the certificate on QRadar Network Protection (XGS) sensors](<http://www.ibm.com/support/docview.wss?uid=swg21969071>) | 2017-10-01 | 8
[1990349](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | [Error: "The page you were looking for doesn't exist" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990349>) | 2017-04-14 | 9
[1595890](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | [Supported Browsers for the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21595890>) | 2017-04-14 | 10
[1682813](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | [Blank Interface Statistics Graphs in the Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21682813>) | 2018-05-01 | 11
[1970018](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | [Certficate in Awaiting CA Certificate Upload status for the Security Network Protection LMI](<http://www.ibm.com/support/docview.wss?uid=swg21970018>) | 2017-04-14 | 12
[1983898](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | [Unable to access LMI after applying fix pack 5.3.X-ISS-XGS-Remove-LMI-Certs to a Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21983898>) | 2017-04-14 | 13
[1968985](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | [Unable to access the LMI in Firefox after configuring FIPS on the Security Network Protection sensor](<http://www.ibm.com/support/docview.wss?uid=swg21968985>) | 2017-04-14 | 14
[2000598](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | [Unable to add SNMP object to Security Network Protection at firmware 5.3.3.2](<http://www.ibm.com/support/docview.wss?uid=swg22000598>) | 2018-05-01 | 15
[1713633](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | [Local event data retention settings on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21713633>) | 2018-05-28 | 16
[1963516](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | [System Error when using a third-party certificate in QRadar Network Security LMI](<http://www.ibm.com/support/docview.wss?uid=swg21963516>) | 2017-09-26 | 17
[1989975](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | [Hardcoding speed and duplex on M.1 might not work on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21989975>) | 2017-10-02 | 18
[1987436](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | [Access to captive portal using IPv6 address fails on IBM Security Network Protection appliances (XGS).](<http://www.ibm.com/support/docview.wss?uid=swg21987436>) | 2017-04-14 | 19
[1661873](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | [Unable to download support files from an QRadar Network Security with IE Enhanced Security Configuration installed](<http://www.ibm.com/support/docview.wss?uid=swg21661873>) | 2018-05-01 | 20
[1983889](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | [HTTP 500 Internal Server Error when accessing the Security Network Protection (XGS) Local Management Interface (LMI)](<http://www.ibm.com/support/docview.wss?uid=swg21983889>) | 2018-05-01 | 21
[1597885](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | [Multiselect does not work properly](<http://www.ibm.com/support/docview.wss?uid=swg21597885>) | 2017-04-14 | 22
[1598332](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | [System Error - Tried to register widget with id==logdb_edit_dialog but that id is already registered](<http://www.ibm.com/support/docview.wss?uid=swg21598332>) | 2017-04-14 | 23
[1686991](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | [Captive authentication page occasionally fails to redirect the user on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21686991>) | 2018-05-01 | 24
[1986359](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | [The search bar in the IBM Security Network Protection Local Management Interface (LMI) help is not responding and searches can not be made.](<http://www.ibm.com/support/docview.wss?uid=swg21986359>) | 2017-04-14 | 25
[1999059](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | [LMI network graphs unreadable when using Chrome 56 on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999059>) | 2017-06-10 | 26
[1999115](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | [Unable to access LMI after modifying the management IP address on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21999115>) | 2018-01-01 | 27

\+ Network Access Policy

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1961068](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | [Blocking IP spoofed traffic with a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21961068>) | 2017-08-28 | 1
[1983899](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | [Security Network Protection (XGS) Network Access Policy rules not working](<http://www.ibm.com/support/docview.wss?uid=swg21983899>) | 2017-06-19 | 2
[1961506](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | [IP reputation and geolocation information in NAP events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21961506>) | 2017-10-16 | 3
[1990362](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | [Default IPS policy usage in NAP rules on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990362>) | 2017-04-14 | 4
[1995199](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | [Configure Network Access Policies for the IBM Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21995199>) | 2017-04-14 | 5
[1962639](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | [Security Network Protection and Security Network IPS remote syslog logging facility](<http://www.ibm.com/support/docview.wss?uid=swg21962639>) | 2017-06-19 | 6
[1968101](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | [Drop or Reject Actions do not appear to apply for some rules on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968101>) | 2017-10-17 | 7
[1974709](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | [Remote Syslog over TLS setup](<http://www.ibm.com/support/docview.wss?uid=swg21974709>) | 2017-12-12 | 8
[1990338](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | [Custom NAP rule naming on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21990338>) | 2018-05-23 | 9
[1698766](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | [Blocking specific ports by using Network Access policy on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698766>) | 2018-05-01 | 10
[1750419](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | [Security Network Protection (XGS) is not blocking a URL with "?" parameter value](<http://www.ibm.com/support/docview.wss?uid=swg21750419>) | 2017-04-14 | 11
[1968211](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | [Default behavior for traffic that does not match any NAP rule on Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21968211>) | 2017-10-23 | 12
[1435089](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | [Unable to see newly added Network Objects or Response Objects in XGS Response Rules](<http://www.ibm.com/support/docview.wss?uid=swg21435089>) | 2017-04-14 | 13
[1700929](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | [Security Network Protection (XGS) block page is not found for NAP rules by using domain category and domain list objects](<http://www.ibm.com/support/docview.wss?uid=swg21700929>) | 2018-05-01 | 14
[1986086](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | [Error: "Field must be between 0 and 255 in length" when adding a rule to a QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21986086>) | 2017-08-28 | 15
[1644712](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | [LMI allows deletion of remote directory server that is referenced in an identity object](<http://www.ibm.com/support/docview.wss?uid=swg21644712>) | 2017-04-14 | 16
[1698149](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | [Error: "Invalid scope" on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21698149>) | 2017-04-14 | 17
[1644593](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | [IBM Security Network Protection does not detect ping echo replies](<http://www.ibm.com/support/docview.wss?uid=swg21644593>) | 2017-09-06 | 18
[1683989](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | [Some Network Access policy events don't contain URL Categories or Web Application information](<http://www.ibm.com/support/docview.wss?uid=swg21683989>) | 2018-05-01 | 19
[1975227](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | [Multiple changes to the Network Access Policy may cause a network interruption on the Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21975227>) | 2018-05-01 | 20
[1976509](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | [Using geolocation objects on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976509>) | 2017-08-24 | 21
[1983886](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | [Creating Geolocation objects in the Event Filter policy](<http://www.ibm.com/support/docview.wss?uid=swg21983886>) | 2018-05-01 | 22
[2013039](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | [Stateful inspection on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22013039>) | 2018-02-19 | 23

\+ Network Interface Module (NIM)

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1698147](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | [Replacing network interface modules (NIMs) in the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698147>) | 2018-01-29 | 1
[1666254](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | [Network Protection (XGS) policy changes that cause a link state change](<http://www.ibm.com/support/docview.wss?uid=swg21666254>) | 2018-05-01 | 2
[1987202](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | [40Gb Network Interface Module (NIM) update IBM QRadar Network Security (IQNS) 7100](<http://www.ibm.com/support/docview.wss?uid=swg21987202>) | 2018-05-01 | 3

\+ Not Applicable

Doc Number | Title | Last Updated | Popularity
---|---|---|---
[1662387](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | [Agent Alert POST](<http://www.ibm.com/support/docview.wss?uid=swg21662387>) | 2017-08-24 | 1
[7045692](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | [Open Mic Webcast: How to Deploy and Configure the XGS - Wednesday, 20 May 2015 [includes link to recorded session; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045692>) | 2018-05-23 | 2
[1689158](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | [Security Bulletin: Vulnerability in SSLv3 affects multiple IBM Security Infrastructure appliances (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21689158>) | 2018-02-15 | 3
[2001436](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | [PAM Statistics info and OID listing for QRadar Network Security (XGS) at XPU 37.030](<http://www.ibm.com/support/docview.wss?uid=swg22001436>) | 2018-05-01 | 4
[1987437](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | [Receiving warning messages when deploying policies that require restarting Analysis Daemon](<http://www.ibm.com/support/docview.wss?uid=swg21987437>) | 2017-04-14 | 5
[7047367](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | [Open Mic Webcast: XGS: Advanced Threat Protection Integration Options (QRadar export) - 28 January 2016 [Includes link to replay. Presentation is attached.]](<http://www.ibm.com/support/docview.wss?uid=swg27047367>) | 2017-04-15 | 6
[7045508](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | [Open Mic Webcast: Policy Migration from GX to XGS - Tuesday, 28 April 2015 [includes link to recorded event; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045508>) | 2018-05-23 | 7
[7049643](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | [Open Mic: IQNS (XGS) X-Force Malware Analysis on the Cloud - 24 May 2017 (Includes link to replay. Slides are attached.)](<http://www.ibm.com/support/docview.wss?uid=swg27049643>) | 2017-06-05 | 8
[1690823](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | [Security Bulletin: IBM Security Network Protection is affected by Shell Command Injection vulnerability (CVE-2014-6183)](<http://www.ibm.com/support/docview.wss?uid=swg21690823>) | 2018-02-15 | 9
[7047876](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | [Infrastructure Support Open Mic Webcast: IBM Threat Protection System with XGS-QRadar Integration - 25 May 2016 [includes link to replay; presentation is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047876>) | 2018-02-15 | 10
[1974288](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | [IBM Security Network Protection 5.3.2 Web Services API](<http://www.ibm.com/support/docview.wss?uid=swg21974288>) | 2017-04-14 | 11
[7044438](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | [Open Mic Webcast for IBM Security Network Protection: Troubleshooting the XGS appliance - 20 January 2015 [includes link to replay; presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27044438>) | 2018-05-23 | 12
[1690822](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | [Security Bulletin: Vulnerability in SSLv3 affects Network Protection (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21690822>) | 
2018-02-15 | 13 \n[1696131](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | [Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Protection (CVE-2015-0235)](<http://www.ibm.com/support/docview.wss?uid=swg21696131>) | 2018-02-15 | 14 \n[7045078](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | [Open Mic Webcast for controlling internet access with XGS: a configuration walkthrough of user authentication - Wednesday, 4 March 2015 [inclues link to recording; slide deck is attached]](<http://www.ibm.com/support/docview.wss?uid=swg27045078>) | 2018-05-23 | 15 \n[7046280](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | [Open Mic Webcast: XGS - Keeping up with threat infrastructure by using alerts and audits - 26 August 2015 [presentation slides are attached; includes link to replay]](<http://www.ibm.com/support/docview.wss?uid=swg27046280>) | 2017-04-15 | 16 \n[1676529](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | [Security Bulletin: IBM Security Network Protection is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470 ](<http://www.ibm.com/support/docview.wss?uid=swg21676529>) | 2018-02-15 | 17 \n[1680803](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | [Security Bulletin: IBM Security Network Protection System CPU Utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21680803>) | 2018-02-15 | 18 \n[1693542](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | [Security Bulletin: IBM Security Network Protection is affected by ClickJacking vulnerability CVE-2014-6197](<http://www.ibm.com/support/docview.wss?uid=swg21693542>) | 2018-02-15 | 19 \n[1958090](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | [Security Bulletin: IBM Security Network Protection contains a Cross-Site Request Forgery vulnerability. 
](<http://www.ibm.com/support/docview.wss?uid=swg21958090>) | 2018-02-15 | 20 \n[2002436](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | [Increased memory utilization in QRadar Network Security firmware 5.4](<http://www.ibm.com/support/docview.wss?uid=swg22002436>) | 2018-05-01 | 21 \n[1684903](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | [Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511) ](<http://www.ibm.com/support/docview.wss?uid=swg21684903>) | 2018-02-15 | 22 \n[1696906](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | [Security Bulletin: IBM Security Network Protection is affected by OpenSSL vulnerabilities (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)](<http://www.ibm.com/support/docview.wss?uid=swg21696906>) | 2018-02-15 | 23 \n[1697248](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | [Security Bulletin: IBM Security Network Protection is vulnerable to Cross-Site Scripting. 
(CVE-2014-6189)](<http://www.ibm.com/support/docview.wss?uid=swg21697248>) | 2018-02-15 | 24 \n[7047473](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | [Open Mic Webcast: Why you need to use Automated Service and Support on the XGS - 25 February 2016 [Includes link to replay] [Presentation slides are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27047473>) | 2018-02-15 | 25 \n[7050149](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | [IBM Infrastructure Security Support July 2017 Newsletter ](<http://www.ibm.com/support/docview.wss?uid=swg27050149>) | 2017-08-24 | 26 \n[1675355](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | [Security Bulletin: IBM Security Network Protection System CPU utilization (CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21675355>) | 2018-02-15 | 27 \n[1676875](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | [Security Bulletin: IBM Security Network Protection is affected by the following IBM\u00c2\u00ae SDK, Java\u00e2\u0084\u00a2 Technology Edition vulnerability (CVE-2014-2414) ](<http://www.ibm.com/support/docview.wss?uid=swg21676875>) | 2018-02-15 | 28 \n[1693657](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | [Security Bulletin: TLS padding vulnerability affects IBM Security Network Protection (CVE-2014-8730) ](<http://www.ibm.com/support/docview.wss?uid=swg21693657>) | 2018-02-15 | 29 \n[1696265](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | [Security Bulletin: Multiple vulnerabilities in IBM Security Network Protection (CVE-2014-3567, CVE-2014-4877, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21696265>) | 2018-02-15 | 30 \n[1696521](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | [Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3065) 
](<http://www.ibm.com/support/docview.wss?uid=swg21696521>) | 2018-02-15 | 31 \n[1696811](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | [Security Bulletin: IBM Security Network Protection is affected by a NSS vulnerability (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21696811>) | 2018-02-15 | 32 \n[1701264](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | [Security Bulletin: Vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-0138) ](<http://www.ibm.com/support/docview.wss?uid=swg21701264>) | 2018-02-15 | 33 \n[1962064](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | [Security Bulletin: A vulnerability in GSKit affects IBM Security Network Protection (CVE-2015-1788)](<http://www.ibm.com/support/docview.wss?uid=swg21962064>) | 2018-02-15 | 34 \n[1963297](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | [Security Bulletin: A vulnerability in GNU glibc affects IBM Security Network Protection (CVE-2013-7424) ](<http://www.ibm.com/support/docview.wss?uid=swg21963297>) | 2017-04-14 | 35 \n[2011740](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | [Security Bulletin: IBM QRadar Network Security is affected by a denial of service vulnerability in cURL (CVE-2017-1000257) ](<http://www.ibm.com/support/docview.wss?uid=swg22011740>) | 2018-05-01 | 36 \n[2016575](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | [Impact of the Japanese era calendar change on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22016575>) | 2018-05-26 | 37 \n \n\\+ Operating system (OS)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1980551](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | [Interpreting LEEF formatting in syslog events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21980551>) | 2018-05-01 | 1 \n[1986090](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | [Warning: \"User 
allocated memory\" on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986090>) | 2017-08-24 | 2 \n[1972161](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | [Allowed Characters for the Security Network Protection admin password](<http://www.ibm.com/support/docview.wss?uid=swg21972161>) | 2017-04-16 | 3 \n[1966576](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | [High disk usage on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966576>) | 2018-05-06 | 4 \n[1983875](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | [MTU as defined on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21983875>) | 2017-08-02 | 5 \n[1698146](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | [Kernel debug procedures for the XGS appliance](<http://www.ibm.com/support/docview.wss?uid=swg21698146>) | 2017-10-30 | 6 \n[1978425](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | [Unable to SSH in to the Securty Network Protection (XGS) with error: failed to start sshd ](<http://www.ibm.com/support/docview.wss?uid=swg21978425>) | 2018-05-01 | 7 \n[1705154](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | [IBM Security Network Protection (XGS) firmware 5.3 \"Kernel Soft Lockup\"](<http://www.ibm.com/support/docview.wss?uid=swg21705154>) | 2018-05-06 | 8 \n[1996695](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | [Error: \"Allocated user memory\" in SiteProtector for Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21996695>) | 2018-05-23 | 9 \n[1959380](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | [CVE-2002-0510 vulnerability on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21959380>) | 2017-09-04 | 10 \n[1599917](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | [Changing Time Settings Causes Gaps or Missing Data in Statistics 
Display](<http://www.ibm.com/support/docview.wss?uid=swg21599917>) | 2017-04-14 | 11 \n \n\\+ Performance\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1968189](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | [Security Network Protection (XGS) SensorStatistics](<http://www.ibm.com/support/docview.wss?uid=swg21968189>) | 2018-05-01 | 1 \n[1701480](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | [Network Interface Module (NIM) ports perform better than built-in gigabit ports on XGS 5100 sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701480>) | 2018-05-01 | 2 \n[1959239](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | [Packet delay or loss while making changes to XGS policies](<http://www.ibm.com/support/docview.wss?uid=swg21959239>) | 2017-04-14 | 3 \n[1902773](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | [Policy migration limitations and facts to consider](<http://www.ibm.com/support/docview.wss?uid=swg21902773>) | 2018-05-01 | 4 \n[1667527](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | [Session ID Resumption and SSL decryption](<http://www.ibm.com/support/docview.wss?uid=swg21667527>) | 2018-05-01 | 5 \n[1683772](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | [Experiencing latency while using the Security Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21683772>) | 2018-05-01 | 6 \n[1903622](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | [Security Network Protection (XGS) email alerts do not include hostname or IP address of the reporting appliance](<http://www.ibm.com/support/docview.wss?uid=swg21903622>) | 2018-05-01 | 7 \n[1698814](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | [Forced speed/duplex interface settings not working with XGS Firmware 5.3](<http://www.ibm.com/support/docview.wss?uid=swg21698814>) | 2017-04-14 | 8 
\n[1987354](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | [IBM QRadar Network Security (IQNS) no System Alerts seen in System Events](<http://www.ibm.com/support/docview.wss?uid=swg21987354>) | 2018-05-01 | 9 \n[1962510](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | [\"Timer expiration\" error when deploying a policy change on Security Network Protection](<http://www.ibm.com/support/docview.wss?uid=swg21962510>) | 2017-08-24 | 10 \n[1977325](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | [Storage Limits and Allocation on the IBM Security Network Protection Appliance](<http://www.ibm.com/support/docview.wss?uid=swg21977325>) | 2017-04-14 | 11 \n[1999124](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | [Asymmetric traffic across NIMs for XGS7100 appliances](<http://www.ibm.com/support/docview.wss?uid=swg21999124>) | 2018-01-01 | 12 \n[1682809](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | [Unable to deploy policy to IBM QRadar Network Security IQNS (XGS) in SiteProtector.](<http://www.ibm.com/support/docview.wss?uid=swg21682809>) | 2018-05-01 | 13 \n[1667817](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | [Network Protection (XGS) unable to read or parse EEPROM data from selected slot](<http://www.ibm.com/support/docview.wss?uid=swg21667817>) | 2018-05-01 | 14 \n \n\\+ Protocol Analysis Module (PAM)\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1498057](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | [X-Force Protocol Analysis Module (PAM) signature information](<http://www.ibm.com/support/docview.wss?uid=swg21498057>) | 2018-01-01 | 1 \n[1436125](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | [Configuring a sensor to ignore or allowlist traffic from certain IP addresses](<http://www.ibm.com/support/docview.wss?uid=swg21436125>) | 2018-05-01 | 2 \n[1973599](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | [Protection against DoS 
and DDoS with IBM QRadar Network Security IQNS (XGS) and Network IPS (GX) appliances](<http://www.ibm.com/support/docview.wss?uid=swg21973599>) | 2018-05-01 | 3 \n[1962049](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | [Information about the coalescer on QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962049>) | 2017-09-26 | 4 \n[1435809](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | [Some traffic allowed despite a configured Block response on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21435809>) | 2018-05-28 | 5 \n[1987735](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | [IBM X-Force introduces version scheme change for X-Press Updates (XPU) - June 2017](<http://www.ibm.com/support/docview.wss?uid=swg21987735>) | 2017-08-24 | 6 \n[1965579](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | [Bypassing inspection on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21965579>) | 2017-10-09 | 7 \n[1986647](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | [Severity levels for IBM X-Force security signatures](<http://www.ibm.com/support/docview.wss?uid=swg21986647>) | 2018-05-28 | 8 \n[1988495](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | [Flood protection behavior on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21988495>) | 2017-09-04 | 9 \n[1437359](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | [IEEE 802.3ad (EtherChannel) support on XGS and GX sensors](<http://www.ibm.com/support/docview.wss?uid=swg21437359>) | 2017-09-11 | 10 \n[1515937](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | [Two events generated for the same signature (one as Detected and other as Blocked) on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21515937>) | 2017-09-04 | 11 
\n[1643272](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | [How to determine whether there is coverage for a particular CVE](<http://www.ibm.com/support/docview.wss?uid=swg21643272>) | 2017-08-24 | 12 \n[1701441](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | [X-Force Virtual Patch Protection Levels for QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21701441>) | 2018-05-07 | 13 \n[1975854](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | [PAM reports Akamai's IP instead of the 'True-Client-IP' HTTP header](<http://www.ibm.com/support/docview.wss?uid=swg21975854>) | 2017-08-09 | 14 \n[1962594](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | [Enabling or disabling inspection of X-Forward headers on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21962594>) | 2017-10-16 | 15 \n[1976382](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | [Unable to access live.com (Hotmail/Outlook) when Outbound SSL is enabled on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976382>) | 2018-05-01 | 16 \n[1434828](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | [False positive on IBM host or network based IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21434828>) | 2017-06-26 | 17 \n[1999450](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | [Find PAM signature by issue ID on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21999450>) | 2018-05-01 | 18 \n[1683773](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | [Multiple false positives on Java-based security events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21683773>) | 2017-09-26 | 19 \n[1624060](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | [Ignoring vulnerability scanner traffic on the Security Network IPS and Network 
Protection](<http://www.ibm.com/support/docview.wss?uid=swg21624060>) | 2018-05-01 | 20 \n[1468847](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | [Event and Response Filters with port ranges do not work with TCP_Port_Scan and UDP_Port_Scan](<http://www.ibm.com/support/docview.wss?uid=swg21468847>) | 2018-05-01 | 21 \n[1436031](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | [Determing the release date and coverage information for an XPU](<http://www.ibm.com/support/docview.wss?uid=swg21436031>) | 2017-04-14 | 22 \n[1643931](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | [HTTP HEAD and PUT methods not detected (blocked)](<http://www.ibm.com/support/docview.wss?uid=swg21643931>) | 2017-04-14 | 23 \n[1692287](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | [Signature coverage for SSLv3 (Poodle) on Security Network Protection and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21692287>) | 2017-09-04 | 24 \n[1697527](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | [Error: \"FNXPM1003E...\" trons interface errors on Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21697527>) | 2017-05-13 | 25 \n[1967067](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | [Compressed file traffic inspection by QRadar Network Security and Security Network IPS sensors](<http://www.ibm.com/support/docview.wss?uid=swg21967067>) | 2017-10-04 | 26 \n[1968099](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | [SMTP_Command_Binary_Overflow signature can cause a large number of events on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21968099>) | 2017-10-17 | 27 \n[1976381](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | [Skype traffic not being blocked by Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21976381>) | 2018-05-01 | 28 
\n[1996694](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | [Security Network Protection treatment for \"iv-remote-address\" header information](<http://www.ibm.com/support/docview.wss?uid=swg21996694>) | 2018-05-23 | 29 \n[1435997](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | [User Defined Event compiler limitations for the Protocol Analysis Module](<http://www.ibm.com/support/docview.wss?uid=swg21435997>) | 2017-04-23 | 30 \n[1626557](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | [Tuning the DNS_Bind_OPT_DOS signature on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21626557>) | 2017-04-14 | 31 \n[1883737](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | [Skype UDP traffic is not recognized by the Protocol Analysis Module on IBM Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21883737>) | 2017-05-13 | 32 \n[1966581](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | [Analysis of DECNET traffic on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21966581>) | 2017-10-23 | 33 \n[1968561](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | [Inspection of duplicate packets by QRadar Network Security sensors with different interface modes](<http://www.ibm.com/support/docview.wss?uid=swg21968561>) | 2017-10-23 | 34 \n[1983891](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | [TCP_Probe_XXXX events do not fire when TCP_Port_Scan triggers on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21983891>) | 2018-05-28 | 35 \n[1983900](<http://www.ibm.com/support/docview.wss?uid=swg21983900>) | [SNMP_Activity version detection](<http://www.ibm.com/support/docview.wss?uid=swg21983900>) | 2018-05-01 | 36 \n \n\\+ SSL Inspection\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1960119](<http://www.ibm.com/support/docview.wss?uid=swg21960119>) | [Inspecting inbound SSL traffic 
on an internal server](<http://www.ibm.com/support/docview.wss?uid=swg21960119>) | 2017-05-12 | 1 \n[1666241](<http://www.ibm.com/support/docview.wss?uid=swg21666241>) | [SSL traffic protection on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21666241>) | 2018-05-01 | 2 \n[1964212](<http://www.ibm.com/support/docview.wss?uid=swg21964212>) | [Diffie-Hellman and inbound SSL inspection on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21964212>) | 2017-04-14 | 3 \n[1666913](<http://www.ibm.com/support/docview.wss?uid=swg21666913>) | [Inbound SSL inspection on the XGS appliance when operating in HA mode](<http://www.ibm.com/support/docview.wss?uid=swg21666913>) | 2018-05-01 | 4 \n[1986092](<http://www.ibm.com/support/docview.wss?uid=swg21986092>) | [Support for TLS Extended Master Secret on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986092>) | 2018-05-13 | 5 \n[7046102](<http://www.ibm.com/support/docview.wss?uid=swg27046102>) | [Open Mic replay: Overview of how SSL Inspection works on the XGS - 29 July 2015 [includes link to recording; presentation and speaker notes are attached]](<http://www.ibm.com/support/docview.wss?uid=swg27046102>) | 2018-05-23 | 6 \n[1967118](<http://www.ibm.com/support/docview.wss?uid=swg21967118>) | [Security Network Protection (XGS) inbound and outbound SSL inspection session resumption](<http://www.ibm.com/support/docview.wss?uid=swg21967118>) | 2017-06-19 | 7 \n[1986091](<http://www.ibm.com/support/docview.wss?uid=swg21986091>) | [GLG license messages on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986091>) | 2017-08-24 | 8 \n[2004900](<http://www.ibm.com/support/docview.wss?uid=swg22004900>) | [Inbound SSL analysis of SSLv2 traffic might cause inspection engine crashes on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22004900>) | 2017-12-08 | 9 
\n[1650197](<http://www.ibm.com/support/docview.wss?uid=swg21650197>) | [SSL Inspection - Frequently Asked Questions](<http://www.ibm.com/support/docview.wss?uid=swg21650197>) | 2017-04-14 | 10 \n[1958051](<http://www.ibm.com/support/docview.wss?uid=swg21958051>) | [Outbound SSL use of certificates on the XGS](<http://www.ibm.com/support/docview.wss?uid=swg21958051>) | 2018-05-01 | 11 \n[1666891](<http://www.ibm.com/support/docview.wss?uid=swg21666891>) | [Network Protection (XGS) use of multiple SSL certificates](<http://www.ibm.com/support/docview.wss?uid=swg21666891>) | 2018-05-01 | 12 \n[1666909](<http://www.ibm.com/support/docview.wss?uid=swg21666909>) | [Network Protection (XGS) SSL decryption and passive monitoring mode](<http://www.ibm.com/support/docview.wss?uid=swg21666909>) | 2018-05-01 | 13 \n[1666889](<http://www.ibm.com/support/docview.wss?uid=swg21666889>) | [Network Protection (XGS): Impact of adding, deleting, and renewing SSL inspection certificates](<http://www.ibm.com/support/docview.wss?uid=swg21666889>) | 2018-05-01 | 14 \n[2008309](<http://www.ibm.com/support/docview.wss?uid=swg22008309>) | [Error: \"packet rewriting error\" on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22008309>) | 2017-12-13 | 15 \n[1903062](<http://www.ibm.com/support/docview.wss?uid=swg21903062>) | [Windows Updates fail with Outbound SSL inspection enabled on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg21903062>) | 2018-05-01 | 16 \n[1700438](<http://www.ibm.com/support/docview.wss?uid=swg21700438>) | [IBM Security Network Protection Response to \u00e2\u0080\u009cThe Risks of SSL Inspection\u00e2\u0080\u009d CERT/CC Blog Post](<http://www.ibm.com/support/docview.wss?uid=swg21700438>) | 2018-05-21 | 17 \n[1972184](<http://www.ibm.com/support/docview.wss?uid=swg21972184>) | [Using domain certificate objects for Outbound SSL Inspection Policy on IBM Qradar Network 
Security](<http://www.ibm.com/support/docview.wss?uid=swg21972184>) | 2018-05-01 | 18 \n[1987355](<http://www.ibm.com/support/docview.wss?uid=swg21987355>) | [IBM QRadar Network Security (IQNS) 4096 bit encryption for inbound SSL inspection](<http://www.ibm.com/support/docview.wss?uid=swg21987355>) | 2018-05-01 | 19 \n[1667164](<http://www.ibm.com/support/docview.wss?uid=swg21667164>) | [Network Protection (XGS) - Creating a private key with a passphrase when generating a certificate for SSL decryption](<http://www.ibm.com/support/docview.wss?uid=swg21667164>) | 2018-05-01 | 20 \n[1903522](<http://www.ibm.com/support/docview.wss?uid=swg21903522>) | [Traffic using SPDY protocol is not analyzed by Outbound SSL inspection](<http://www.ibm.com/support/docview.wss?uid=swg21903522>) | 2017-05-08 | 21 \n[1977446](<http://www.ibm.com/support/docview.wss?uid=swg21977446>) | [Analysis daemon crash due to Outbound SSL rules on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21977446>) | 2017-04-23 | 22 \n[1666906](<http://www.ibm.com/support/docview.wss?uid=swg21666906>) | [Non-RFC compliant traffic and SSL inspection on the Network Protection (XGS) appliance](<http://www.ibm.com/support/docview.wss?uid=swg21666906>) | 2018-05-01 | 23 \n[1975332](<http://www.ibm.com/support/docview.wss?uid=swg21975332>) | [File upload or download is slow with Outbound SSL Inspection enabled on Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21975332>) | 2017-04-14 | 24 \n[1992908](<http://www.ibm.com/support/docview.wss?uid=swg21992908>) | [Configuring Remote Syslog over TLS on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21992908>) | 2017-04-14 | 25 \n[2005572](<http://www.ibm.com/support/docview.wss?uid=swg22005572>) | [Unable to access certain websites after updating the XGS appliance.](<http://www.ibm.com/support/docview.wss?uid=swg22005572>) | 2017-09-02 | 26 
\n[1640383](<http://www.ibm.com/support/docview.wss?uid=swg21640383>) | [Determining which SSL connections the Network Protection appliance inspects for sites that use self-signed certificates ](<http://www.ibm.com/support/docview.wss?uid=swg21640383>) | 2017-08-04 | 27 \n[1643924](<http://www.ibm.com/support/docview.wss?uid=swg21643924>) | [SSL client error: Can't establish a secure connection](<http://www.ibm.com/support/docview.wss?uid=swg21643924>) | 2017-04-14 | 28 \n[1645833](<http://www.ibm.com/support/docview.wss?uid=swg21645833>) | [Outbound SSL inspection: Determining if a client connection is being inspected through the Network Protection appliance](<http://www.ibm.com/support/docview.wss?uid=swg21645833>) | 2017-08-03 | 29 \n[1646158](<http://www.ibm.com/support/docview.wss?uid=swg21646158>) | [Outbound SSL inspection: Client connections are partially blocked or cannot access HTTPS sites](<http://www.ibm.com/support/docview.wss?uid=swg21646158>) | 2017-08-02 | 30 \n[1669034](<http://www.ibm.com/support/docview.wss?uid=swg21669034>) | [Order of precedence with matching inbound and outbound SSL inspection rules](<http://www.ibm.com/support/docview.wss?uid=swg21669034>) | 2018-05-01 | 31 \n[1682810](<http://www.ibm.com/support/docview.wss?uid=swg21682810>) | [Error: \"NULL Cipher Pointer\" on the Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21682810>) | 2017-09-11 | 32 \n[1974966](<http://www.ibm.com/support/docview.wss?uid=swg21974966>) | [Outbound SSL Inspection triggers SSL_Malformed_Certificate events on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21974966>) | 2017-04-24 | 33 \n[1993272](<http://www.ibm.com/support/docview.wss?uid=swg21993272>) | [Performance issues due to Outbound SSL policy on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21993272>) | 2017-04-14 | 34 \n[2003465](<http://www.ibm.com/support/docview.wss?uid=swg22003465>) 
| [Inbound SSL rules using the \"any\" destination might cause crashes on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg22003465>) | 2017-06-19 | 35 \n[1883845](<http://www.ibm.com/support/docview.wss?uid=swg21883845>) | [Security Network Protection failing to decrypt SSL incoming traffic in firmware version 5.2](<http://www.ibm.com/support/docview.wss?uid=swg21883845>) | 2017-04-14 | 36 \n[1967594](<http://www.ibm.com/support/docview.wss?uid=swg21967594>) | [Updating VMware products when Outbound SSL Inspection is enabled on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21967594>) | 2017-10-17 | 37 \n[1967595](<http://www.ibm.com/support/docview.wss?uid=swg21967595>) | [IBM SR file upload issues when Outbound SSL Inspection is enabled on Security Network Protection sensors ](<http://www.ibm.com/support/docview.wss?uid=swg21967595>) | 2017-04-14 | 38 \n[1992466](<http://www.ibm.com/support/docview.wss?uid=swg21992466>) | [Yahoo! 
Messenger changes cause outbound SSL MitM to fail on Security Network Protection sensors](<http://www.ibm.com/support/docview.wss?uid=swg21992466>) | 2017-11-06 | 39 \n \n\\+ Tuning Parameters\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1987352](<http://www.ibm.com/support/docview.wss?uid=swg21987352>) | [IBM QRadar Network Security (IQNS) debug logging](<http://www.ibm.com/support/docview.wss?uid=swg21987352>) | 2018-05-01 | 1 \n[2008978](<http://www.ibm.com/support/docview.wss?uid=swg22008978>) | [IBM QRadar Network Security (XGS) Tuning Parameters for Certificate Authority (CA) health check](<http://www.ibm.com/support/docview.wss?uid=swg22008978>) | 2017-12-06 | 2 \n[1965103](<http://www.ibm.com/support/docview.wss?uid=swg21965103>) | [IBM QRadar Network Security IQNS (XGS) Tuning Parameters for System Alerts notifications](<http://www.ibm.com/support/docview.wss?uid=swg21965103>) | 2018-05-01 | 3 \n[1677865](<http://www.ibm.com/support/docview.wss?uid=swg21677865>) | [IBM QRadar Network Security IQNS (XGS) - Tuning parameter for large number of compressed HTTP sessions ](<http://www.ibm.com/support/docview.wss?uid=swg21677865>) | 2018-05-01 | 4 \n[1969502](<http://www.ibm.com/support/docview.wss?uid=swg21969502>) | [Preventing the TCP Reset in Passive Monitoring Mode on the Security Network IPS (GX) and the IBM QRadar Network Security IQNS (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21969502>) | 2018-05-01 | 5 \n[1997392](<http://www.ibm.com/support/docview.wss?uid=swg21997392>) | [Enabling and disabling flow control pause frames with tuning parameters on the IBM Security Network Protection XGS appliances](<http://www.ibm.com/support/docview.wss?uid=swg21997392>) | 2017-04-14 | 6 \n[1968100](<http://www.ibm.com/support/docview.wss?uid=swg21968100>) | [Detecting credit card numbers using the QRadar Network Security sensor](<http://www.ibm.com/support/docview.wss?uid=swg21968100>) | 2018-05-29 | 7 
\n[1986093](<http://www.ibm.com/support/docview.wss?uid=swg21986093>) | [pam.sweep.block.allow parameter can cause blocking issues on QRadar Network Security sensors](<http://www.ibm.com/support/docview.wss?uid=swg21986093>) | 2017-08-28 | 8 \n[2000597](<http://www.ibm.com/support/docview.wss?uid=swg22000597>) | [Ports do not come up after enabling HA on an XGS7100 at firmware 5.3.3.2](<http://www.ibm.com/support/docview.wss?uid=swg22000597>) | 2018-05-01 | 9 \n \n\\+ XPU\n\nDoc Number | Title | Last Updated | Popularity \n---|---|---|--- \n[1990298](<http://www.ibm.com/support/docview.wss?uid=swg21990298>) | [Updating Security Network Protection application databases via SiteProtector X-Press Update Server](<http://www.ibm.com/support/docview.wss?uid=swg21990298>) | 2017-04-17 | 1 \n[1903179](<http://www.ibm.com/support/docview.wss?uid=swg21903179>) | [IBM Proventia family PAM Content Update 35.050 - README](<http://www.ibm.com/support/docview.wss?uid=swg21903179>) | 2018-05-01 | 2 \n[2009168](<http://www.ibm.com/support/docview.wss?uid=swg22009168>) | [PAM XPU date differences on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22009168>) | 2017-10-18 | 3 \n[1963514](<http://www.ibm.com/support/docview.wss?uid=swg21963514>) | [URL Category Database, Web Application Database, and IP Reputation Database updates may fail due to Scanning IP reputation ](<http://www.ibm.com/support/docview.wss?uid=swg21963514>) | 2018-01-29 | 4 \n[1667616](<http://www.ibm.com/support/docview.wss?uid=swg21667616>) | [Rolling back an XPU on the Network Protection (XGS)](<http://www.ibm.com/support/docview.wss?uid=swg21667616>) | 2018-05-01 | 5 \n[2002781](<http://www.ibm.com/support/docview.wss?uid=swg22002781>) | [XPUs applied after firmware update is installed on QRadar Network Security](<http://www.ibm.com/support/docview.wss?uid=swg22002781>) | 2018-05-01 | 6 \n[1961531](<http://www.ibm.com/support/docview.wss?uid=swg21961531>) | [XPU version rolled back after 
updating Security Network Protection (XGS) firmware](<http://www.ibm.com/support/docview.wss?uid=swg21961531>) | 2017-10-16 | 7 \n[2000267](<http://www.ibm.com/support/docview.wss?uid=swg22000267>) | [XPU install or rollback can cause protection interfaces to recycle in Security Network Protection firmware 5.3.3.2](<http://www.ibm.com/support/docview.wss?uid=swg22000267>) | 2018-02-12 | 8 \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-31T00:10:25", "type": "ibm", "title": "IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2002-0510", "CVE-2008-5161", "CVE-2010-5298", "CVE-2012-5667", "CVE-2013-4164", "CVE-2013-4492", "CVE-2013-5442", 
"CVE-2013-7423", "CVE-2013-7424", "CVE-2014-0198", "CVE-2014-0224", "CVE-2014-0963", "CVE-2014-2414", "CVE-2014-2532", "CVE-2014-3065", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3510", "CVE-2014-3511", "CVE-2014-3513", "CVE-2014-3565", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-4607", "CVE-2014-4877", "CVE-2014-5352", "CVE-2014-5353", "CVE-2014-5355", "CVE-2014-6183", "CVE-2014-6189", "CVE-2014-6197", "CVE-2014-6457", "CVE-2014-6512", "CVE-2014-6558", "CVE-2014-8121", "CVE-2014-8139", "CVE-2014-8140", "CVE-2014-8141", "CVE-2014-8275", "CVE-2014-8730", "CVE-2014-9421", "CVE-2014-9422", "CVE-2014-9636", "CVE-2014-9645", "CVE-2015-0138", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0235", "CVE-2015-1283", "CVE-2015-1345", "CVE-2015-1781", "CVE-2015-1788", "CVE-2015-1798", "CVE-2015-1799", "CVE-2015-1819", "CVE-2015-2806", "CVE-2015-3183", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-3238", "CVE-2015-3245", "CVE-2015-3246", "CVE-2015-3405", "CVE-2015-3416", "CVE-2015-3622", "CVE-2015-4000", "CVE-2015-5300", "CVE-2015-5352", "CVE-2015-5600", "CVE-2015-5621", "CVE-2015-6563", "CVE-2015-6564", "CVE-2015-7547", "CVE-2015-7704", "CVE-2015-8138", "CVE-2015-8325", "CVE-2015-8629", "CVE-2015-8631", "CVE-2016-0201", "CVE-2016-0634", "CVE-2016-0718", "CVE-2016-0787", "CVE-2016-10009", "CVE-2016-10011", "CVE-2016-10012", "CVE-2016-3092", "CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5556", "CVE-2016-5568", "CVE-2016-5573", "CVE-2016-5597", "CVE-2016-6210", "CVE-2016-6313", "CVE-2016-6515", "CVE-2016-7167", "CVE-2016-7543", "CVE-2016-8106", "CVE-2016-8610", "CVE-2016-9401", "CVE-2017-1000257", "CVE-2017-1000366", "CVE-2017-1457", "CVE-2017-1458", "CVE-2017-1491", "CVE-2017-3731", "CVE-2017-9800"], "modified": "2021-01-31T00:10:25", "id": "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "href": 
"https://www.ibm.com/support/pages/node/278867", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-30T21:44:48", "description": "## Problem\n\nCognos Analytics and Cognos Business Intelligence Security Bulletins and Alerts.\n\n## Resolving The Problem\n\n## Tab navigation\n\n * CA 11.0.x\n * BI 10.2.2\n * BI 10.2.1\n * BI 10.2\n\nSecurity bulletins and Alerts for Cognos Analytics 11.0.x. \n--- \n**Published / Updated** | **Title** \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011561>) \nJanuary 2018 | [Cognos Analytics\u306eLibxml2\u8106\u5f31\u6027\u306b\u3064\u3044\u3066](<http://www.ibm.com/support/docview.wss?uid=swg22012361>) \nJanuary 2018 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22011810>) \nSeptember 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg22007242>) \nAugust 2017 | [Cognos Analytics \u306f\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0(XSS)\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u53d7\u3051\u307e\u3059](<http://www.ibm.com/support/docview.wss?uid=swg22007549>) \nJuly 2017 | [Cognos Analytics is not affected by the Apache Xalan-Java vulnerability (CVE-2014-0107)](<http://www-01.ibm.com/support/docview.wss?uid=swg22005943>) \nJune 2017 | [Cognos Analytics is affected by a Cross-Site Scripting (XSS) vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg22004980>) \nMay 2017 | [Cognos Analytics is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www-01.ibm.com/support/docview.wss?uid=swg22003427>) \nMay 2017 | [Cognos Analytics is affected by CVE-2016-0398](<http://www-01.ibm.com/support/docview.wss?uid=swg21977070>) \nMay 2017 | [Cognos Analytics is affected by multiple 
vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg22000095>) \nApril 2017 | [Cross Site Scripting (XSS) vulnerability affects Cognos Analytics](<http://www-01.ibm.com/support/docview.wss?uid=swg21999791>) \nMarch 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21998887>) \nMarch 2017 | [Privilege Escalation vulnerability affects Cognos Analytics (CVE-2016-8960)](<http://www-01.ibm.com/support/docview.wss?uid=swg21993720>) \nJanuary 2017 | [A vulnerability in the GSKit component of Cognos Analytics (CVE-2016-0201)](<http://www-01.ibm.com/support/docview.wss?uid=swg21975045>) \nJanuary 2017 | [Cognos Analytics is affected by multiple vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21996417>) \n \nSecurity bulletins and Alerts for Cognos Business Intelligence 10.2.2. \n--- \n**Published / Updated**| **Title** \nJuly 2018| [IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=ibm10715641>) \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics 
Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [A vulnerability in the GSKit library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004075>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-2017)](<http://www.ibm.com/support/docview.wss?uid=swg21976798>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [A vulnerability in IBM Websphere Application Server affects Cognos Metrics Manager (CVE-2016-5983)](<http://www.ibm.com/support/docview.wss?uid=swg21999722>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects 
Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by 
CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Business Intelligence Server (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21975044>) \nJanuary 2016| [A vulnerability in the GSKit component of Cognos Metrics Manager (CVE-2016-0201)](<http://www.ibm.com/support/docview.wss?uid=swg21974810>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, 
CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager 
(CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerability exists in GSKit that affects Cognos Metrics Manager (CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701318>) \nApril 2015| [Vulnerability in IBM WebSphere Application Server affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701222>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, 
CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Metrics Manager (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693182>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \n \nSecurity bulletins and Alerts for Cognos Business Intelligence 10.2.1. 
\n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents affect 
Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager 
(CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security 
Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos 
Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, 
CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java 
(CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014-0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \nSecurity bulletins and Alerts for Cognos Business Intelligence 10.2. 
\n--- \n**Published / Updated**| **Title** \nApril 2018| [Cognos Metrics Manager 2018 Q1 Security Update](<http://www.ibm.com/support/docview.wss?uid=swg22014720>) \nDecember 2017| [Multiple vulnerabilities in Libxml2 affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22011764>) \nDecember 2017| [Cognos Business Intelligence Server 2017Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22007952>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22009441>) \nOctober 2017| [A vulnerability in the Apache Xerces-C XML Parser affects Cognos Metrics Manager.](<http://www.ibm.com/support/docview.wss?uid=swg22009438>) \nOctober 2017| [Cognos Business Intelligence Server 2017Q3 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22009259>) \nOctober 2017| [A vulnerability in the libpng library affects Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004076>) \nOctober 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004070>) \nJune 2017| [Cognos Business Intelligence Server 2017Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg22004036>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004078>) \nMay 2017| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004077>) \nMay 2017| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager](<http://www.ibm.com/support/docview.wss?uid=swg22004074>) \nMay 2017| [Cognos Business Intelligence is NOT AFFECTED by the OpenSource Bouncy Castle Vulnerability (CVE-2015-7940)](<http://www.ibm.com/support/docview.wss?uid=swg22003426>) \nApril 2017| [Multiple vulnerabilities in Apache HttpComponents 
affect Cognos Metrics Manager (CVE-2012-6153, CVE-2014-3577)](<http://www.ibm.com/support/docview.wss?uid=swg21970193>) \nMarch 2017| [Multiple vulnerabilities in Apache Tomcat affect Cognos Metrics Manager (CVE-2016-0762, CVE-2016-6816)](<http://www.ibm.com/support/docview.wss?uid=swg21999723>) \nMarch 2017| [Cognos Business Intelligence Server 2017Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21999671>) \nMarch 2017| [Privilege Escalation vulnerability affects Cognos Business Intelligence (CVE-2016-8960)](<http://www.ibm.com/support/docview.wss?uid=swg21993718>) \nJanuary 2017| [Cognos Business Intelligence is affected by a vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21996809>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21995691>) \nJanuary 2017| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2016-3485)](<http://www.ibm.com/support/docview.wss?uid=swg21995206>) \nJanuary 2017| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2016-3705, CVE-2016-4447, CVE-2016-4448)](<http://www.ibm.com/support/docview.wss?uid=swg21995198>) \nJanuary 2017| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2016-6302 CVE-2016-6304 CVE-2016-6303 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-6306 CVE-2016-2181 CVE-2016-2183)](<http://www.ibm.com/support/docview.wss?uid=swg21993856>) \nJanuary 2017| [Cognos Business Intelligence Server 2016Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21984323>) \nOctober 2016| [Cognos Business Intelligence Server 2016Q1 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21979767>) \nJuly 2016| [A vulnerability in the Apache Xerces-C XML parser affects Cognos Metrics Manager (CVE-2016-0729)](<http://www.ibm.com/support/docview.wss?uid=swg21986259>) \nJuly 2016| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager 
(CVE-2016-3427)](<http://www.ibm.com/support/docview.wss?uid=swg21985522>) \nJuly 2016| [A vulnerability in Apache Tomcat affects Cognos Metrics Manager (CVE-2015-5345)](<http://www.ibm.com/support/docview.wss?uid=swg21982821>) \nJuly 2016| [A vulnerability in OpenSSL affects Cognos Metrics Manager (CVE-2016-2106, CVE-2016-2107, CVE-2016-2108)](<http://www.ibm.com/support/docview.wss?uid=swg21977114>) \nMay 2016| [Cognos Business Intelligence Server is affected by CVE-2016-0398](<http://www.ibm.com/support/docview.wss?uid=swg21983247>) \nMay 2016| [Multiple vulnerabilities in libxml2 affect Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)](<http://www.ibm.com/support/docview.wss?uid=swg21977221>) \nMay 2016| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2016-0448, CVE-2016-0466)](<http://www.ibm.com/support/docview.wss?uid=swg21977134>) \nMarch 2016| [Multiple vulnerabilities in libpng affect Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21976924>) \nFebruary 2016| [Several vulnerabilities in the libpng component of Cognos Business Intelligence Server (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)](<http://www.ibm.com/support/docview.wss?uid=swg21977053>) \nNovember 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-4872)](<http://www.ibm.com/support/docview.wss?uid=swg21971753>) \nNovember 2015| [Vulnerability in Apache Commons affects Cognos Metrics Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21971382>) \nNovember 2015| [Cognos Business Intelligence Server 2015Q4 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21959874>) \nAugust 2015| [Cognos Business Intelligence Sever 2015Q3 Security 
Updater](<http://www.ibm.com/support/docview.wss?uid=swg21963468>) \nAugust 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-2625, CVE-2015-4748, CVE-2015-4749)](<http://www.ibm.com/support/docview.wss?uid=swg21963263>) \nAugust 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0230)](<http://www.ibm.com/support/docview.wss?uid=swg21962903>) \nAugust 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-1789, CVE-2015-1790, CVE-2015-1792)](<http://www.ibm.com/support/docview.wss?uid=swg21962686>) \nAugust 2015| [Vulnerability in RC4 stream cipher affects Cognos Business Intelligence Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21715530>) \nJuly 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Mobile app on Android (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959481>) \nJuly 2015| [Cognos Business Intelligence Sever 2015Q2 Security Updater](<http://www.ibm.com/support/docview.wss?uid=swg21903752>) \nJuly 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21903565>) \nJuly 2015| [Vulnerability in Tomcat affects Cognos Metrics Manager (CVE-2014-0227)](<http://www.ibm.com/support/docview.wss?uid=swg21903036>) \nJuly 2015| [Vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)](<http://www.ibm.com/support/docview.wss?uid=swg21902528>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Metrics Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959812>) \nJune 2015| [Vulnerability in Diffie-Hellman ciphers affects Cognos Business Intelligence (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959671>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos 
Business Intelligence (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21700709>) \nMay 2015| [A vulnerability in the IBM Dojo Toolkit affects Cognos Metrics Manager (CVE-2014-8917)](<http://www.ibm.com/support/docview.wss?uid=swg21697317>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Mobile app on Android (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21883588>) \nApril 2015| [Vulnerability in RC4 stream cipher affects Cognos Metrics Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21720187>) \nApril 2015| [Vulnerabilities in IBM WebSphere Application Server and GSKit affects Cognos Business Intelligence (CVE-2015-0138, CVE-2015-0159)](<http://www.ibm.com/support/docview.wss?uid=swg21701210>) \nApril 2015| [Vulnerability in IBM Runtime Environment Java Technology Edition affects Cognos Business Intelligence Server (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701200>) \nApril 2015| [Vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2015-0138)](<http://www.ibm.com/support/docview.wss?uid=swg21701192>) \nMarch 2015| [Cognos Business Intelligence Server is affected by multiple vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg21698818>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2015-0410, CVE-2014-6593)](<http://www.ibm.com/support/docview.wss?uid=swg21698154>) \nMarch 2015| [Multiple vulnerabilities in the Libpng library affect Cognos Metrics Manager (CVE-2015-0973, CVE-2014-9495)](<http://www.ibm.com/support/docview.wss?uid=swg21697296>) \nMarch 2015| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204)](<http://www.ibm.com/support/docview.wss?uid=swg21695694>) \nMarch 2015| [Multiple vulnerabilities in IBM Java Runtime affect Cognos Metrics Manager (CVE-2014-3566, 
CVE-2014-6457)](<http://www.ibm.com/support/docview.wss?uid=swg21691561>) \nFebruary 2015| [A vulnerability in IBM Java Runtime affects Cognos Metrics Manager (CVE-2014-4263)](<http://www.ibm.com/support/docview.wss?uid=swg21688596>) \nJanuary 2015| [TLS padding vulnerability affects Cognos Business Intelligence (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21693422>) \nDecember 2014| [Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21692267>) \nDecember 2014| [A vulnerability in the Mozilla Network Security Services (NSS) affects Cognos Metrics Manager (CVE-2014-1568)](<http://www.ibm.com/support/docview.wss?uid=swg21691656>) \nDecember 2014| [A vulnerability in Apache Axis affects Cognos Metrics Manager (CVE-2012-5784)](<http://www.ibm.com/support/docview.wss?uid=swg21691655>) \nDecember 2014| [Multiple vulnerabilities in OpenSSL affect Cognos Metrics Manager (CVE-2014-3567, CVE-2014-3513, CVE-2014-3568)](<http://www.ibm.com/support/docview.wss?uid=swg21689333>) \nDecember 2014| [Vulnerability in SSLv3 affects Cognos Metrics Manager (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21687710>) \nNovember 2014| [Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21682740>) \nSeptember 2014| [Cognos Business Intelligence is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)](<http://www.ibm.com/support/docview.wss?uid=swg21685556>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following IBM Java Runtime vulnerabilities: CVE-2014-0878, 
CVE-2014-0460](<http://www.ibm.com/support/docview.wss?uid=swg21683527>) \nSeptember 2014| [Cognos Metrics Manager is affected by a vulnerability in Apache Xalan-Java (CVE-2014-0107)](<http://www.ibm.com/support/docview.wss?uid=swg21683524>) \nSeptember 2014| [Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119](<http://www.ibm.com/support/docview.wss?uid=swg21683430>) \nSeptember 2014| [OpenSSL Heartbleed Vulnerability](<http://www.ibm.com/support/docview.wss?uid=swg21669823>) \nAugust 2014| [Cognos Metrics Manager is affected by the following OpenSSL vulnerabilities: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21677225>) \nJuly 2014| [Cognos BI Server is affected by the following OpenSSL vulnerability: CVE-2014-0224](<http://www.ibm.com/support/docview.wss?uid=swg21680511>) \nJuly 2014| [Security vulnerabilities have been identified in IBM DB2 shipped with Cognos Business Intelligence (CVE-2013-6747, CVE-2014-0963)](<http://www.ibm.com/support/docview.wss?uid=swg21674489>) \nJuly 2014| [A security vulnerability has been identified in IBM WebSphere Application Server shipped with Cognos Business Intelligence (CVE-2014-0114)](<http://www.ibm.com/support/docview.wss?uid=swg21674099>) \nMay 2014| [Multiple security exposures in Cognos BI Server (CVE-2014-0416, CVE-2014-0423, CVE-2013-4322)](<http://www.ibm.com/support/docview.wss?uid=swg21671340>) \nMarch 2014| [Multiple security exposures in Cognos BI Server (CVE-2013-6954, CVE-2013-6732, CVE-2013-5802, CVE-2013-5825, CVE-2014-0854, CVE-2014-0861)](<http://www.ibm.com/support/docview.wss?uid=swg21662856>) \nNovember 2013| [Cognos Business Intelligence (CVE-2013-3030, CVE-2013-4002, CVE-2013-2407, CVE-2013-2450, CVE-2013-4034, CVE-2013-5372)](<http://www.ibm.com/support/docview.wss?uid=swg21652590>) \n \n\\-->\n\n[{\"Product\":{\"code\":\"SSTSF6\",\"label\":\"IBM Cognos Analytics\"},\"Business 
Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"--\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"11.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Product\":{\"code\":\"SSEP7J\",\"label\":\"Cognos Business Intelligence\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"10.2;10.2.1;10.2.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-07-19T16:57:09", "type": "ibm", "title": "Security Bulletins - Cognos Analytics and Cognos Business Intelligence", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5784", "CVE-2012-6153", "CVE-2013-2407", "CVE-2013-2450", "CVE-2013-3030", "CVE-2013-4002", "CVE-2013-4034", "CVE-2013-4322", "CVE-2013-5372", "CVE-2013-5802", "CVE-2013-5825", "CVE-2013-6732", "CVE-2013-6747", "CVE-2013-6954", "CVE-2014-0075", "CVE-2014-0096", "CVE-2014-0099", "CVE-2014-0107", 
"CVE-2014-0114", "CVE-2014-0119", "CVE-2014-0224", "CVE-2014-0227", "CVE-2014-0230", "CVE-2014-0423", "CVE-2014-0460", "CVE-2014-0854", "CVE-2014-0861", "CVE-2014-0878", "CVE-2014-0963", "CVE-2014-1568", "CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3577", "CVE-2014-4263", "CVE-2014-6145", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7187", "CVE-2014-8275", "CVE-2014-8730", "CVE-2014-8917", "CVE-2014-9495", "CVE-2015-0138", "CVE-2015-0159", "CVE-2015-0204", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0973", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1792", "CVE-2015-1819", "CVE-2015-2017", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-4000", "CVE-2015-4748", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-5312", "CVE-2015-5345", "CVE-2015-7450", "CVE-2015-7497", "CVE-2015-7498", "CVE-2015-7499", "CVE-2015-7500", "CVE-2015-7940", "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-8035", "CVE-2015-8126", "CVE-2015-8241", "CVE-2015-8317", "CVE-2015-8472", "CVE-2015-8540", "CVE-2016-0201", "CVE-2016-0398", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0729", "CVE-2016-0762", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2108", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2181", "CVE-2016-2183", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-3705", "CVE-2016-4447", "CVE-2016-4448", "CVE-2016-5983", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6816", "CVE-2016-8960"], "modified": "2018-07-19T16:57:09", "id": "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "href": "https://www.ibm.com/support/pages/node/568041", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-27T22:03:06", "description": "## 
Question\n\nIs there a list that contains the security bulletins that apply to WebSphere Application Server and IBM HTTP Server?\n\n## Answer\n\nThe following table is provided to help you locate WebSphere Application Server and IBM HTTP Server security bulletins. These are listed numerically by CVE number not by the last one published.\n\nNote the IBM Java runtime included with WebSphere Application Server provides an execution environment for non-IBM code. While the below table includes all IBM Java vulnerabilities related to the WebSphere Application Server product, there might be additional IBM Java vulnerabilities which impact non-IBM code running in your WebSphere Application Server environment. For a listing of all IBM Java security bulletins, refer to [_IBM Java Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>). To determine the Java SDK version used with WebSphere Application Server, refer to the [_Verify Java SDK version shipped with WebSphere Application Server_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27005002>).\n\nTo avoid preventable security issues, it is recommended that you stay up-to-date on the most current maintenance options for your products. 
You can also subscribe to the security bulletins for each of your products as provided in this link, [_IBM Security Bulletins_](<http://www.ibm.com/security/secure-engineering/bulletins.html>).\n\nWhen significant updates have been made to security bulletins, it will be noted with the date of the last update in the bulletin columns.\n\nNote: Starting 07/16/2020, the most recent fix published will be added to the top of this list below as well as in numerical order by year.\n\n**Recent CVEs (previous 15 published from most recent to least recent)**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-31813 | 5.3 | Not 
affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21299 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n \n**2022 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-31813 | 5.3 | Not affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-25315 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25313 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25236 | 5.3 | Not affected | [Denial of 
Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25235 | 3.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23990 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23852 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23307 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23305 | 6.5 | [SQL Injection](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23302 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-22827 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22826 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22825 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22824 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22823 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22822 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22721 | 7.3 | Not affected | [Buffer Overflow](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22720 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22719 | 5.3 | Not affected 
| [Denial of Service](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22393 | 3.1 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6585704>) | Not affected | Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22310 | 4.8 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6541530>) | Not affected | Liberty \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n| CVE-2022-21340 | 5.3 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21229 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n \n**2021 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2021-46708 | 4.3 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2021-46143 | 7.8 | Not affected | [Remote Code Execution](<https://Denial of Service>) | 7.0,8.0,8.5,9.0 \n| CVE-2021-45960 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6559296>) | 
7.0,8.0,8.5,9.0 \n| CVE-2021-45105 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-45046 | 9.0 | [Denial of Service](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-44832 | 6.6 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-44790 | 9.8 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \nLog4Shell | CVE-2021-44228 | 10 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6525706>) | Not affected | 9.0, 8.5 \n| CVE-2021-44224 | 8.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \n| CVE-2021-40438 | 9.0 | Not affected | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-39275 | 3.7 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6493845>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-39038 | 4.4 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6559044>) | Not affected | 9.0, Liberty \n| CVE-2021-39031 | 7.5 | [LDAP Injection](<https://www.ibm.com/support/pages/node/6550488>) | Not affected | Liberty \n| CVE-2021-38951 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6524674>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-36090 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-35603 | 3.7 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35578 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-35564 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| 
CVE-2021-35550 | 5.9 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35517 | 5.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-34798 | 5.9 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-30641 | 5.3 | Not affected | [Weaker Security](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-29842 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6489485>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-29754 | 4.2 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6462627>) | Not affected | 9.0, 8.5, 8.0. 7.0 \n| CVE-2021-29736 | 5.0 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6476678>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-26691 | 5.9 | Not affected | [Heap Buffer Overflow](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26690 | 3.7 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26296 | 8.8 | [Cross-site request forgery](<https://www.ibm.com/support/pages/node/6441433>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-23450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6558594>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-20517 | 6.4 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6456955>) | Not affected | 9.0, 8.5 \n| CVE-2021-20492 | 6.5 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6456017>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-20480 | 4.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6441063>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2021-20454 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445481>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| 
CVE-2021-20453 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445171>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20354 | 5.9 | [Directory traversal](<https://www.ibm.com/support/pages/node/6415959>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20353 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6413709>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-4104 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-2369 | 4.3 | [IBM Java SDK for July 2021 CPU](<https://www.ibm.com/support/pages/node/6481135>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-2161 | 5.9 | [IBM Java SDK for April 2021 CPU](<https://www.ibm.com/support/pages/node/6454853>) | Not affected | 9.0, 8.5, Liberty \n \n**2020 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2020-27221 | 9.8 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14797 | 3.7 | [IBM Java SDK for October 2020 CPU](<https://www.ibm.com/support/pages/node/6379260>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14782 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14781 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14621 | 5.3 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14581 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14579 | 3.7 | [IBM Java SDK for July 2020 
CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14578 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14577 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-13938 | 6.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-11985 | 5.3 | Not affected | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6324789>) | 9.0 \n| CVE-2020-10693 | 5.3 | [Bypass security](<https://www.ibm.com/support/pages/node/6348216>) | Not affected | Liberty \n| CVE-2020-5258 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6443101>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2020-5016 | 5.3 | [Directory traversal](<https://www.ibm.com/support/pages/node/6427873>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4949 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6408244>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4782 | 6.5 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6356083>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4643 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6334311>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4629 | 2.9 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6339255>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4590 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6333623>) | Not affected | Liberty \n| CVE-2020-4589 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6258333>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4578 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6328895>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4576 | 5.3 | [Information 
Disclosure](<https://www.ibm.com/support/pages/node/6339807>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4575 | 4.7 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6323293>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4534 | 7.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6255074>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4464 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6250059>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220294>) | Not affected | 9.0,8.5 \n| CVE-2020-4449 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6220296>) | Not affected | 9.0, 8.5, 8.0,7.0 \n| CVE-2020-4448 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220336>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4421 | 5.0 | [Identity spoofing](<https://www.ibm.com/support/pages/node/6205926>) | Not affected | Liberty \n| CVE-2020-4365 | 5.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6209099>) | Not affected | 8.5 \n| CVE-2020-4362 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6174417>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4329 | 4.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6201862>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2020-4304 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4303 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4276 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6118222>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4163 | 6.6 | [Command Execution](<https://www.ibm.com/support/pages/node/1288786>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-2800 | 4.8 | [IBM Java SDK for April 2020 
CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2781 | 5.3 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2773 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2755 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2754 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2654 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2601 | 6.8 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2593 | 4.8 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2590 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-1934 | 8.1 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n| CVE-2020-1927 | 7.4 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n \n**2019 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2019-17573 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6100132>) | Not affected | Liberty \n| CVE-2019-17566 | 7.5 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6322683>) | Not affected | 
9.0,8.5,8.0 \n| CVE-2019-17495 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/1274596>) | Not affected | Liberty \n| CVE-2019-12402 | 4.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1074156>) | Not affected | Liberty \n| CVE-2019-12406 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1288774>) | Not affected | 9.0,Liberty \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2019-10098 | 3.7 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10092 | 4.7 | Not affected | [Cross-site scripting](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10086 | 5.3 | [Unauthorized Access](<https://www.ibm.com/support/pages/node/1115085>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-9518 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9517 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9515 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9514 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9513 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9512 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-4732 | 7.2 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-4720 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1285372>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4670 | 6.5 | [Information 
Disclosure](<https://www.ibm.com/support/pages/node/1289152>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-4663 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/1127367>) | Not affected | Liberty \n| CVE-2019-4505 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/964766>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4477 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/960290>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4442 | 4.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/959021>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4441 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/959023>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4305 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4304 | 6.3 | [Bypass security](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4285 | 5.4 | [Clickjacking vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884064>) | Not affected | Liberty \n| CVE-2019-4279 | 9.0 | [Remote Code Execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10883628>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4271 | 3.5 | [HTTP Parameter Pollution](<https://www.ibm.com/support/pages/node/884040>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4270 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/884036>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4269 | 5.3 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884032>) | Not affected | 9.0 \n| CVE-2019-4268 | 5.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/884030>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4080 | 6.5 | [Denial of Service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10875692>) | Not affected | 9.0, 
8.5, 8.0, 7.0 \n| CVE-2019-4046 | 5.9 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869570>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2019-4030 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869406>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2019-2989 | 6.8 | [IBM Java SDK for October 2019 CPU](<https://www.ibm.com/support/pages/node/1126887>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-2949 | 6.8 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-2426 | 3.7 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-0220 | 5.3 | Not affected | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-0211 | 8.2 | Not affected | [Privilege Escalation](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0 \n \n**2018 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| N/A | 8.1 | [Remote code execution in JSF](<http://www-01.ibm.com/support/docview.wss?uid=ibm10716525>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-25031 | 5.4 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2018-20843 | 3.3 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 9.0 \n| CVE-2018-17199 | 5.3 | Not affected | [Bypass security ](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869064>) | 9.0 \n| CVE-2018-12547 | 9.8 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-12539 | 8.4 
| [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-10237 | 7.5 | \n\n[Denial of service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795696>)\n\n| Not affected | 9.0, 8.5, Liberty \n| CVE-2018-8039 | 7.5 | [Man-in-the-Middle](<https://www-01.ibm.com/support/docview.wss?uid=ibm10720065>) | Not affected | 9.0 Liberty \n| CVE-2018-3180 | 5.6 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-3139 | 3.1 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2800 | 4.2 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2783 | 7.4 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2637 | 7.4 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2634 | 6.8 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2633 | 8.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2603 | 5.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2602 | 4.5 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2579 | 3.7 | [IBM Java SDK for January 2018 
CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1996 | 5.3 | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10793421>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1957 | 4.0 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10744247>) | Not affected | 9.0 \n| CVE-2018-1926 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1905 | 7.1 | [XXE vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738721>) | Not affected | 9.0 \n| CVE-2018-1904 | 8.1 | [Remote Code execution](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738735>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1902 | 3.1 | [Spoofing Vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795115>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1901 | 5.0 | [Privilege Escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738727>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-1890 | 5.6 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Library \n| CVE-2018-1851 | 7.3 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10735105>) | Not affected | Liberty \n| CVE-2018-1840 | 6.0 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10735767>) | Not affected | \n\n9.0, 8.5 \n \n| CVE-2018-1798 | 6.1 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730703>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1797 | 6.3 | [Directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730699>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1794 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729571>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1793 | 
6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729563>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1777 | 5.4 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10730631>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1770 | 6.5 | [Directory traversal](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729521>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1767 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729547>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1755 | 5.9 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10728689>) | Not affected | Liberty \n| CVE-2018-1719 | 5.9 | [Weaker security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10718837>) | Not affected | 9.0, 8.5 \n| CVE-2018-1695 | 7.3 | [Spoofing vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716523>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-1683 | 5.9 | [Information disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716533>) | Not affected | Liberty \n| CVE-2018-1656 | 7.4 | [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1643 | 6.1 | [Cross-site Scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716857>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2018-1626 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1621 | 4.4 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1614 | 5.8 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1567 | 9.8 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=swg22016254>) | Not affected | 
9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1553 | 5.3 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016218>) | Not affected | Liberty \n| CVE-2018-1447 | 5.1 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1427 | 6.2 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1426 | 7.4 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \nROBOT | CVE-2018-1388 | 9.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22014196>) | 7.0 \n| CVE-2018-1301 | 5.3 | Not affected | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n \n**2017 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2017-15715 | 3.7 | Not affected | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-15710 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12624 | 5.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013597>) | Not affected | 9.0, Liberty \n| CVE-2017-12618 | 5.5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12613 | 9.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013598>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-10388 | 7.5 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | 
Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10356 | 6.2 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10116 | 8.3 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10115 | 7.5 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10102 | 9.0 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-9798 | 7.5 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7679 | 5.3 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7668 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-5638 | 7.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | \n| CVE-2017-3736 | 5.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3732 | 5.3 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3511 | 7.7 | [IBM Java SDK for April 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22003016>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-3167 | 5.3 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1788 | 5.3 | 
[Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg22012341>) | Not affected | 9.0, Liberty \n| CVE-2017-1743 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22013601>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1741 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22012342>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1731 | 8.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg22012345>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1681 | 4.0 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22010419>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1583 | 5.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2017-1504 | 5.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006803>) | Not affected | 9.0 \n| CVE-2017-1503 | 6.1 | [HTTP response splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg22006815>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1501 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006810>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2017-1382 | 5.1 | [Insecure file permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg22004785>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1381 | 2.9 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22004792>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1380 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22004786>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1194 | 4.3 | [Cross-site request forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg22001226>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1151 | 8.1 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21999293>) | Not affected | 9.0, 
8.5, 8.0 \n| CVE-2017-1137 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21998469>) | Not affected | 8.5, 8.0 \n| CVE-2017-1121 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21997743>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n \n**2016 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2016-1000031 | 9.8 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg22011428>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2016-9736 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21991469>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2016-8934 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21992315>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-8919 | 5.9 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21993797>) | Not affected | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-8743 | 6.1 | Not affected | [Response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21996847>) | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-7056 | 4.0 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-5986 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21990056>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5983 | 7.5 | [Gain Privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21990060>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5597 | 5.9 | [IBM Java SDK for October 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5573 | 8.3 | [IBM Java SDK for October 2016 
CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5549 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5548 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5547 | 5.3 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5546 | 7.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \nHTTPOXY | CVE-2016-5387 | 8.1 | Not affected | [Redirect HTTP traffic](<http://www-01.ibm.com/support/docview.wss?uid=swg21988019>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4975 | 6.1 | Not affected | Superseded by CVE-2016-8743 | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4472 | 5.3 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-3485 | 2.9 | [IBM Java SDK for July 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21988339>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3427 | 10 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3426 | 4.3 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3092 | 5.3 | [Apache Commons FileUpload Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21987864>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3042 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986716>) | Not affected | Liberty \n| 
CVE-2016-3040 | 6.3 | [Open Redirect Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986715>) | Not affected | Liberty \n| CVE-2016-2960 | 3.7 | [Denial of Service with SIP Services](<http://www-01.ibm.com/support/docview.wss?uid=swg21984796>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-2945 | 5.0 | [Weaker security in Liberty API discovery feature](<http://www-01.ibm.com/support/docview.wss?uid=swg21984502>) | Not affected | Liberty \n| CVE-2016-2923 | 5.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21983700>) | Not affected | Liberty \nSWEET32 | CVE-2016-2183 | 3.7 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | [IBM HTTP Server and Sweet32](<http://www-01.ibm.com/support/docview.wss?uid=swg21991548>) (21 Dec 2017) | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-1182 \n \nCVE-2016-1182 | 4.8 \n \n4.8 | [Bypass Security Restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n[Bypass Security Restrictions UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-1181 \n \nCVE-2016-1181 | 8.1 \n \n8.1 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n \n[Execute Code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected \n \nNot affected | 9.0, 8.5, 8.0, 7.0 \n9.0, 8.5,
8.0, 7.0 \nDROWN | CVE-2016-0800 | | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978292>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978317>) | \n| CVE-2016-0718 | 9.8 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) (13 Sept 2016) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0702 | 2.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0 \n| CVE-2016-0488 | 4.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0475 | 5.8 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0466 | 5.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0389 | 5.3 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21982012>) | Not affected | Liberty \n| CVE-2016-0385 | 3.1 | [Bypass security restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21982588>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0378 | 3.7 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21981529>) | Not affected | Liberty \n| CVE-2016-0377 | 4.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21980645>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2016-0360 | 8.1 | [Deserialize objects with MQ Resource adapter](<http://www-01.ibm.com/support/docview.wss?uid=swg21996748>) 14.03.2017 | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0359 | 6.1 | [HTTP Response Splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg21982526>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0306 | 
3.7 | [Security vulnerability if FIPS 140-2 is enabled](<http://www-01.ibm.com/support/docview.wss?uid=swg21979231>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0283 | 6.1 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21978293>) | Not affected | Liberty \n| CVE-2016-0201 | 5.9 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n \n**2015 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \nSLOTH | CVE-2015-7575 | 7.1 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-7450 | 9.8 | \n\n[Vulnerability in Apache Commons affects IBM WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21970575>) (21 Dec 2017)\n\n[Knowledge Center updates](<https://www.ibm.com/support/pages/node/1107105>) (14 Nov 2019)\n\n| Not affected | \n\n8.5, 8.0, 7.0, Liberty\n\n9.0 \n \n| CVE-2015-7420 | 3.7 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n| CVE-2015-7417 | 5.4 | [Cross-site scripting with OAuth](<http://www-01.ibm.com/support/docview.wss?uid=swg21974520>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-5262 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2015-5006 | 4.6 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4947 | 7.5 | Not affected | [Stack buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21965419>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-4938 | 3.5 | [Spoof
servlet vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-4872 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4749 | 4.3 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4734 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \nLog Jam | CVE-2015-4000 | 4.3 | [Logjam with Diffie-Hellman ciphers](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-3183 | 6.1 | Not affected | [HTTP Request smuggling](<http://www-01.ibm.com/support/docview.wss?uid=swg21963361>) | 8.5, 8.0, 7.0, 6.1 \nBar Mitzvah | CVE-2015-2808 | 5.0 | [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21701503>) | [Vulnerability in RC4 stream cipher affects IBM HTTP Server and Caching Proxy](<https://www-01.ibm.com/support/docview.wss?uid=swg21701072>) | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2625 | 2.6 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2613 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2601 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2017 | 5.0 | [HTTP response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21966837>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1946 | 4.1 | [Gain elevated 
privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1936 | 4 | [Hijack users session vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0 \n| CVE-2015-1932 | 5 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1931 | 2.1 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1927 | 6.8 | [Gain elevated privileges vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1920 | 9.3 | [Security vulnerability with management port in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21883573>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1916 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1885 | 9.3 | [Gain elevated privileges with OAuth grant password](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1882 | 8.5 | [Gain elevated privileges with EJB](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \n| CVE-2015-1829 | 5.0 | Not affected | [Denial of Service on Windows with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21959081>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1788 | 5.0 | Not affected | [Denial of Service in GSKIT with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21963362>) | 8.5, 8.0 \n| CVE-2015-1283 | 6.8 | Not affected | [Denial of Service with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21964428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0899 | 4.3 | [Bypass 
security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2015-0488 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0478 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0410 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0400 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0254 | 7.5 | [Security vulnerability in Apache Standard Taglibs](<http://www-01.ibm.com/support/docview.wss?uid=swg21978495>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0250 | 4.3 | [Security vulnerability in Apache Batik](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nGhost | CVE-2015-0235 | | Not affected | Not affected | \n| CVE-2015-0226 | 5.0 | [Security vulnerability in Apache WSS4J](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5 \n| CVE-2015-0204 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0174 | 3.5 | [Information disclosure with SNMP](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5 \n| CVE-2015-0175 | 4.0 | [Gain elevated privileges with authData elements](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \nFREAK | CVE-2015-0138 | 4.3 | [Vulnerability with RSA export Keys affects WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>) | [Vulnerability with RSA export keys affects IBM 
HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698959>) | 8.5, 8.0, 7.0, 6.1, Liberty \n \n**2014 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2014-8917 | 4.3 | [Cross-site Scripting in Dojo Toolkit](<http://www-01.ibm.com/support/docview.wss?uid=swg21697284>) | Not affected | 8.5, 8.0 \n| CVE-2014-8890 | 5.1 | [Elevated Privileges in Liberty](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | Liberty \nTLS Padding | CVE-2014-8730 | 4.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21692484>) | [TLS Padding in IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21692502>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-7810 | 5.0 | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | 9.0, 8.5, 8.0, 7.0, Liberty \nShell shock | CVE-2014-7189 \nCVE-2014-7186 \nCVE-2014-7169 \nCVE-2014-6278 \nCVE-2014-6277 \nCVE-2014-6271 | | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | Customer application might be vulnerable \n| CVE-2014-6593 | 4.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6558 | 2.6 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6512 | 4.3 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 
\n| CVE-2014-6457 | 4.0 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6174 | 4.3 | [Click jacking vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-6167 | | [Cross-site scripting](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-6166 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0 \n| CVE-2014-6164 | 4.3 | [Spoofing vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5 \n| CVE-2014-4816 | 3.5 | Not affected | [Cross-site scripting vulnerability](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4770 | 3.5 | Not affected | [Cross-site request forgery](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4767 | 4.3 | [Weaker than expected security](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | Liberty \n| CVE-2014-4764 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0 \n| CVE-2014-4263 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-4244 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3603 | 6.5 | [Spoofing](<https://www.ibm.com/support/pages/node/964764>) | Not affected | Liberty \n| CVE-2014-3577 | 4.3 | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \nPOODLE | CVE-2014-3566 | 4.3 | [IBM Java SDK for October 2014 
CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3083 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-3070 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3068 | 2.4 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3022 | 5.0 | [Bypass security](<https://www-304.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3021 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0965 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0964 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 6.1 \n| CVE-2014-0963 | 7.1 | Not affected | [CPU exhaustion](<https://www-304.ibm.com/support/docview.wss?uid=swg21672843>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0896 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | Liberty \n| CVE-2014-0891 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0878 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0859 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-0857 | 4.0 | [Obtain Information](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0 \n| 
CVE-2014-0823 | 4.3 | [View Files](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2014-0460 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0453 | 4.0 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0411 | 4.0 | [IBM Java SDK for January 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21663938>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0231 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0226 | 7.5 | Not affected | [Heap buffer overflow](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \nHeartbleed | CVE-2014-0160 | | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | \n| CVE-2014-0118 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0114 \nCVE-2014-0114 | 7.5 \n7.5 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21672316>) \n[Execute code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 7.0, 6.1 \n9.0, 8.5, 8.0, 7.0 \n| CVE-2014-0098 | 5.0 | Not affected | [Denial of service](<https://www-304.ibm.com/support/docview.wss?uid=swg21667526>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0076 | 2.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | 8.5, 8.0 \n| CVE-2014-0050 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21667254>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n \n**2013 CVEs**\n\n**Name**\n\n| 
\n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2013-6747 | 7.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6738 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-6725 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6440 | 4.3 | [XML External Entity](<http://www-01.ibm.com/support/docview.wss?uid=swg22010415>) | Not affected | Liberty \n| CVE-2013-6438 | 4.3 | Not affected | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6330 | 2.1 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 7.0 \n| CVE-2013-6329 | 7.8 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21659548>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-6325 | 4.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6323 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5802 | 2.6 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5780 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5704 | 5 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5425 | 3.5 | [Cross-site 
scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-5418 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5417 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-5414 | 3.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5372 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4053 | 6.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4052 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4039 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21647485>) | Not affected | 8.5 \n| CVE-2013-4006 | 3.5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | Liberty \n| CVE-2013-4005 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4004 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0 \n| CVE-2013-3029 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21640799>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-3024 | 6.9 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5 \n| CVE-2013-2976 | 1.9 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-2967 | 4.3 | [Cross-site
scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1896 | 4.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21643362>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1862 | 5.1 | Not affected | [Command execution](<http://www-01.ibm.com/support/docview.wss?uid=swg21635991>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1768 | 10 | [Deserialization](<http://www-01.ibm.com/support/docview.wss?uid=swg21635999>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-1571 | 4.3 | [Clickjacking](<http://www-01.ibm.com/support/docview.wss?uid=swg21641387>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0599 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0597 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21635998>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-0596 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 6.1 \n| CVE-2013-0565 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5 \n| CVE-2013-0544 | 3.5 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0543 | 6.8 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0542 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0541 | 1.9 | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0540 | 4.9 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | Liberty \n| CVE-2013-0482 | 2.6 | 
[Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg21634646>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0467 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0464 | 4.3 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, \n| CVE-2013-0462 | 6.5 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-0461 | 1.2 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0460 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0459 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0458 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0443 | 4 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0440 | 5 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nLucky Thirteen | CVE-2013-0169 | 4.3 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | [Side Channel Attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21635988>) | 8.5, 8.0, 7.0, 6.1 \n \n**2012 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2012-6153 | 4.3 | [Spoofing 
Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2012-5783 | 4.3 | [Spoofing attacks](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-4853 | 4.3 | [Cross-site request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-4851 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-4850 | 7.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-3330 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3325 | 6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21609067>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3311 | 3 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3306 | 4.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3305 | 5.8 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3304 | 6.8 | [Hijack session](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3293 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2191 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2190 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2170 | 4.3 | [Obtain sensitive
information](<http://www-01.ibm.com/support/docview.wss?uid=swg21595172>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-2159 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | Not affected | 8.5, 8.0 \n| CVE-2012-2098 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-1148 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-1007 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0876 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0720 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0717 | 2.6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 7.0, 6.1 \n| CVE-2012-0716 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0193 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**2011 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2011-4889 | 5 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-4343 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2011-1498 | 5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6453091>) | Not 
affected | 9.0, 8.5, 8.0 \n| CVE-2011-1377 | 2.1 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21589257>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-1376 | 4.4 | [Insecure permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [System z Security web site](<https://www.ibm.com/it-infrastructure/z/capabilities/system-integrity>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n",
"cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-13T18:04:48", "type": "ibm", "title": "WebSphere Application Server and IBM HTTP Server Security Bulletin List", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1376", "CVE-2011-1377", "CVE-2011-1498", "CVE-2011-4343", "CVE-2011-4889", "CVE-2012-0193", "CVE-2012-0716", "CVE-2012-0717", "CVE-2012-0720", "CVE-2012-0876", "CVE-2012-1007", "CVE-2012-1148", "CVE-2012-2098", "CVE-2012-2159", "CVE-2012-2170", "CVE-2012-2190", "CVE-2012-2191", "CVE-2012-3293", "CVE-2012-3304", "CVE-2012-3305", "CVE-2012-3306",
"CVE-2012-3311", "CVE-2012-3325", "CVE-2012-3330", "CVE-2012-4850", "CVE-2012-4851", "CVE-2012-4853", "CVE-2012-5783", "CVE-2012-6153", "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-0458", "CVE-2013-0459", "CVE-2013-0460", "CVE-2013-0461", "CVE-2013-0462", "CVE-2013-0464", "CVE-2013-0467", "CVE-2013-0482", "CVE-2013-0540", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544", "CVE-2013-0565", "CVE-2013-0596", "CVE-2013-0597", "CVE-2013-0599", "CVE-2013-1571", "CVE-2013-1768", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-2967", "CVE-2013-2976", "CVE-2013-3024", "CVE-2013-3029", "CVE-2013-4004", "CVE-2013-4005", "CVE-2013-4006", "CVE-2013-4039", "CVE-2013-4052", "CVE-2013-4053", "CVE-2013-5372", "CVE-2013-5414", "CVE-2013-5417", "CVE-2013-5418", "CVE-2013-5425", "CVE-2013-5704", "CVE-2013-5780", "CVE-2013-5802", "CVE-2013-6323", "CVE-2013-6325", "CVE-2013-6329", "CVE-2013-6330", "CVE-2013-6438", "CVE-2013-6440", "CVE-2013-6725", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0118", "CVE-2014-0160", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-0411", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0823", "CVE-2014-0857", "CVE-2014-0859", "CVE-2014-0878", "CVE-2014-0891", "CVE-2014-0896", "CVE-2014-0963", "CVE-2014-0964", "CVE-2014-0965", "CVE-2014-3021", "CVE-2014-3022", "CVE-2014-3068", "CVE-2014-3070", "CVE-2014-3083", "CVE-2014-3566", "CVE-2014-3577", "CVE-2014-3603", "CVE-2014-4244", "CVE-2014-4263", "CVE-2014-4764", "CVE-2014-4767", "CVE-2014-4770", "CVE-2014-4816", "CVE-2014-6164", "CVE-2014-6166", "CVE-2014-6167", "CVE-2014-6174", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6512", "CVE-2014-6558", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7189", "CVE-2014-7810", "CVE-2014-8730", "CVE-2014-8890", "CVE-2014-8917", "CVE-2015-0138", "CVE-2015-0174", "CVE-2015-0175", "CVE-2015-0204", "CVE-2015-0226", "CVE-2015-0235", 
"CVE-2015-0250", "CVE-2015-0254", "CVE-2015-0400", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0899", "CVE-2015-1283", "CVE-2015-1788", "CVE-2015-1829", "CVE-2015-1882", "CVE-2015-1885", "CVE-2015-1916", "CVE-2015-1920", "CVE-2015-1927", "CVE-2015-1931", "CVE-2015-1932", "CVE-2015-1936", "CVE-2015-1946", "CVE-2015-2017", "CVE-2015-2601", "CVE-2015-2613", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-3183", "CVE-2015-4000", "CVE-2015-4734", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-4938", "CVE-2015-4947", "CVE-2015-5006", "CVE-2015-5262", "CVE-2015-7417", "CVE-2015-7420", "CVE-2015-7450", "CVE-2015-7575", "CVE-2016-0201", "CVE-2016-0283", "CVE-2016-0306", "CVE-2016-0359", "CVE-2016-0360", "CVE-2016-0377", "CVE-2016-0378", "CVE-2016-0385", "CVE-2016-0389", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0488", "CVE-2016-0702", "CVE-2016-0718", "CVE-2016-0800", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2183", "CVE-2016-2923", "CVE-2016-2945", "CVE-2016-2960", "CVE-2016-3040", "CVE-2016-3042", "CVE-2016-3092", "CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-4472", "CVE-2016-4975", "CVE-2016-5387", "CVE-2016-5546", "CVE-2016-5547", "CVE-2016-5548", "CVE-2016-5549", "CVE-2016-5573", "CVE-2016-5597", "CVE-2016-5983", "CVE-2016-5986", "CVE-2016-7056", "CVE-2016-8743", "CVE-2016-8919", "CVE-2016-8934", "CVE-2016-9736", "CVE-2017-10102", "CVE-2017-10115", "CVE-2017-10116", "CVE-2017-10356", "CVE-2017-10388", "CVE-2017-1121", "CVE-2017-1137", "CVE-2017-1151", "CVE-2017-1194", "CVE-2017-12613", "CVE-2017-12618", "CVE-2017-12624", "CVE-2017-1380", "CVE-2017-1381", "CVE-2017-1382", "CVE-2017-1501", "CVE-2017-1503", "CVE-2017-1504", "CVE-2017-15710", "CVE-2017-15715", "CVE-2017-1583", "CVE-2017-1681", "CVE-2017-1731", "CVE-2017-1741", "CVE-2017-1743", "CVE-2017-1788", "CVE-2017-3167", "CVE-2017-3511", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-5638", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9798", "CVE-2018-10237", 
"CVE-2018-12539", "CVE-2018-12547", "CVE-2018-1301", "CVE-2018-1388", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1447", "CVE-2018-1553", "CVE-2018-1567", "CVE-2018-1614", "CVE-2018-1621", "CVE-2018-1626", "CVE-2018-1643", "CVE-2018-1656", "CVE-2018-1683", "CVE-2018-1695", "CVE-2018-1719", "CVE-2018-17199", "CVE-2018-1755", "CVE-2018-1767", "CVE-2018-1770", "CVE-2018-1777", "CVE-2018-1793", "CVE-2018-1794", "CVE-2018-1797", "CVE-2018-1798", "CVE-2018-1840", "CVE-2018-1851", "CVE-2018-1890", "CVE-2018-1901", "CVE-2018-1902", "CVE-2018-1904", "CVE-2018-1905", "CVE-2018-1926", "CVE-2018-1957", "CVE-2018-1996", "CVE-2018-20843", "CVE-2018-25031", "CVE-2018-2579", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2783", "CVE-2018-2800", "CVE-2018-3139", "CVE-2018-3180", "CVE-2018-8039", "CVE-2019-0211", "CVE-2019-0220", "CVE-2019-10086", "CVE-2019-10092", "CVE-2019-10098", "CVE-2019-11777", "CVE-2019-12402", "CVE-2019-12406", "CVE-2019-17495", "CVE-2019-17566", "CVE-2019-17573", "CVE-2019-2426", "CVE-2019-2949", "CVE-2019-2989", "CVE-2019-4030", "CVE-2019-4046", "CVE-2019-4080", "CVE-2019-4268", "CVE-2019-4269", "CVE-2019-4270", "CVE-2019-4271", "CVE-2019-4279", "CVE-2019-4285", "CVE-2019-4304", "CVE-2019-4305", "CVE-2019-4441", "CVE-2019-4442", "CVE-2019-4477", "CVE-2019-4505", "CVE-2019-4663", "CVE-2019-4670", "CVE-2019-4720", "CVE-2019-4732", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518", "CVE-2020-10693", "CVE-2020-11985", "CVE-2020-13938", "CVE-2020-14577", "CVE-2020-14578", "CVE-2020-14579", "CVE-2020-14581", "CVE-2020-14621", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14797", "CVE-2020-1927", "CVE-2020-1934", "CVE-2020-2590", "CVE-2020-2593", "CVE-2020-2601", "CVE-2020-2654", "CVE-2020-27221", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-4163", "CVE-2020-4276", "CVE-2020-4303", "CVE-2020-4304", "CVE-2020-4329", 
"CVE-2020-4362", "CVE-2020-4365", "CVE-2020-4421", "CVE-2020-4448", "CVE-2020-4449", "CVE-2020-4450", "CVE-2020-4464", "CVE-2020-4534", "CVE-2020-4575", "CVE-2020-4576", "CVE-2020-4578", "CVE-2020-4589", "CVE-2020-4590", "CVE-2020-4629", "CVE-2020-4643", "CVE-2020-4782", "CVE-2020-4949", "CVE-2020-5016", "CVE-2020-5258", "CVE-2021-20353", "CVE-2021-20354", "CVE-2021-20453", "CVE-2021-20454", "CVE-2021-20480", "CVE-2021-20492", "CVE-2021-20517", "CVE-2021-2161", "CVE-2021-23450", "CVE-2021-2369", "CVE-2021-26296", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-29736", "CVE-2021-29754", "CVE-2021-29842", "CVE-2021-30641", "CVE-2021-34798", "CVE-2021-35517", "CVE-2021-35550", "CVE-2021-35564", "CVE-2021-35578", "CVE-2021-35603", "CVE-2021-36090", "CVE-2021-38951", "CVE-2021-39031", "CVE-2021-39038", "CVE-2021-39275", "CVE-2021-40438", "CVE-2021-4104", "CVE-2021-44224", "CVE-2021-44228", "CVE-2021-44790", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46708", "CVE-2022-21229", "CVE-2022-21299", "CVE-2022-21340", "CVE-2022-21496", "CVE-2022-22310", "CVE-2022-22365", "CVE-2022-22393", "CVE-2022-22473", "CVE-2022-22475", "CVE-2022-22476", "CVE-2022-22477", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25315", "CVE-2022-26377", "CVE-2022-28614", "CVE-2022-28615", "CVE-2022-29404", "CVE-2022-30556", "CVE-2022-31813"], "modified": "2022-07-13T18:04:48", "id": "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "href": "https://www.ibm.com/support/pages/node/710969", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-02-09T10:04:52", "description": "The Reverse Proxy feature in IBM Global Security Kit 
(aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.", "cvss3": {}, "published": "2014-05-08T10:55:00", "type": "cve", "title": "CVE-2014-0963", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0963"], "modified": "2017-08-29T01:34:00", "cpe": ["cpe:/a:ibm:security_access_manager_for_web_software:7.0", "cpe:/h:ibm:security_access_manager_for_web_appliance:8.0", "cpe:/a:ibm:security_access_manager_for_web_software:8.0", "cpe:/h:ibm:security_access_manager_for_web_appliance:7.0"], "id": "CVE-2014-0963", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0963", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*", "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*", "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*"]}]}