Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMF56D0F0CD83206F5BEF7916805DB1F0F4C79538DBA96F17ACD5036373972405B
HistoryJun 16, 2018 - 9:38 p.m.

Security Bulletin: A security vulnerability has been identified in the GSKit component of IBM Security Access Manager for Web (CVE-2016-0201)

2018-06-1621:38:55
www.ibm.com
12

EPSS

0.003

Percentile

68.2%

JSON

Summary

A vulnerability has been addressed in the GSKit component of IBM Security Access Manager for Web.

Vulnerability Details

CVEID: CVE-2016-0201**
DESCRIPTION:** IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109310 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

IBM Security Access Manager for Web 7.0 (software)
IBM Security Access Manager for Web 7.0 appliances, all firmware versions
IBM Security Access Manager for Web 8.0 appliances, all firmware versions
IBM Security Access Manager 9.0 appliances, all firmware versions

Remediation/Fixes

The table below provides links to patches for all affected versions. Follow the installation instructions in the README file included with the patch.

Product VRMF APAR Remediation
IBM Security Access Manager for Web 7.0 - 7.0.0.20 (software installations) IV80755 1. Apply Interim Fix 21:
7.0.0-ISS-SAM-IF0021
IBM Security Access Manager for Web 7.0 - 7.0.0.20 (appliances) IV80755 1. Apply Interim Fix 21:
7.0.0-ISS-WGA-IF0021
IBM Security Access Manager for Web 8.0 - 8.0.1.3 IV80132 1. For 8.0-8.0.1.2 environments, upgrade to 8.0.1.3:
8.0.1-ISS-WGA-FP0003** **
2. Apply 8.0.1.3 Interim Fix 4:8.0.1.3-ISS-WGA-IF0004
IBM Security Access Manager 9.0 - 9.0.0.1 IV80132 1. For 9.0 environments, upgrade to 9.0.0.1:
9.0.0-ISS-ISAM-FP0001
2. Apply 9.0.0.1 Interim Fix 1:
9.0.0.1-ISS-ISAM-IF0001

Related

openvas 1
ibm 48
cvelist 1
cve 1
prion 1
nvd 1
nessus 1
openvas
openvas
IBM Security Network Protection Information Disclosure Vulnerability
2017-01-10 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in the GSKit component of IBM Tivoli Storage FlashCopy Manager for UNIX and VMware (CVE-2016-0201)
2018-06-17 15:16:55
Security Bulletin: A vulnerability in the GSKit component of IBM MQ Appliance (CVE-2016-0201)
2018-06-15 07:04:31
Security Bulletin: A vulnerability in the GSKit component of IBM Security Network Intrusion Prevention System (CVE-2016-0201)
2022-02-23 19:48:26
cvelist
cvelist
CVE-2016-0201
2016-01-18 02:00:00
cve
cve
CVE-2016-0201
2016-01-18 05:59:07
prion
prion
Code injection
2016-01-18 05:59:00
nvd
nvd
CVE-2016-0201
2016-01-18 05:59:07
nessus
nessus
IBM HTTP Server 8.5.0.0 <= 8.5.5.8 / 8.0.0.0 <= 8.0.0.12 Multiple Vulnerabilities (538705)
2020-12-11 00:00:00

EPSS

0.003

Percentile

68.2%

JSON
Related for F56D0F0CD83206F5BEF7916805DB1F0F4C79538DBA96F17ACD5036373972405B
openvas1ibm48cvelist1cve1prion1nvd1nessus1