Security Bulletin: IBM Real-time Compression Appliance is exposed to the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298.

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. IBM Real-time Compression Appliance is exposed to CVE-2014-0224, CVE-2014-0198, CVE-2010-5298. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable...

Security Bulletin: IBM Storwize V7000 Unified systems are affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Summary OpenSSL vulnerabilities were disclosed on Nov 02, 2017 onward by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs. Vulnerability Details CVEID:...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Service Delivery Manager

Summary OpenSSL vulnerabilities were disclosed on September 22, 2016 by the OpenSSL Project. OpenSSL is installed on the operating system shipped via IBM Service Delivery Manager. IBM Service Delivery Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTIO...

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect for Workstations (formerly Tivoli Storage Manager FastBack for Workstations)

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect for Workstations formerly Tivoli Storage Manager for Workstations. IBM Spectrum Protect for Workstations has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4.

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 and March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tivoli Network Manager IP Edition 3.9 Fix Pack 4. IBM Tivoli Network Manager IP Edition has addressed the applicable CVEs including the “DROWN: Decrypting RSA with...

Security Bulletin: Vulnerabilities in OpenSSL affects IBM Tivoli Composite Application Manager for Transactions (CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)

Summary Vulnerabilities in OpenSSL were disclosed on Jan 28, 2016 by openssl.org. OpenSSL 1.0.1s, used by IBM Tivoli Composite Application Manager for Transactions, has addressed these vulnerabilities. Vulnerability Details CVE-ID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of...

Security Bulletin: IBM MessageSight is affected by the following OpenSSL vulnerabilities: (CVE-2014-0224, and CVE-2014-0195)

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tivoli Netcool/Reporter (CVE's: 2015-0209, 2015-0286, 2015-0287, 2015-0288, 2015-0289, 2015-0292, 2015-0293)

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by IBM Tivoli Netcool/Reporter. Netcool/Reporter has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0209 DESCRIPTION: OpenSSL could allow a remote attacker to execute...

Security Bulletin: IBM Tivoli Storage FlashCopy Manager 4.1 and 3.2 UNIX and VMware is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-ID: CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

Security Bulletin: Tivoli Management Framework is affected by the following OpenSSL vulnerabilities: CVE-2014-3508 CVE-2014-5139 CVE-2014-3509 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 (POODLE Attack) CVE-2014-3567 CVE-2014-3568.

Summary Tivoli Management Framework is affected by the following OpenSSL vulnerabilities: CVE-2014-3508 CVE-2014-5139 CVE-2014-3509 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 POODLE Attack CVE-2014-3567 CVE-2014-3568...

Security Bulletin: Tivoli Workload Scheduler is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and...

Security Bulletin: IBM Tivoli Network Manager IP Edition V39 Fix Pack 4 HTTPS support for Perl Collector install is affected by the following OpenSSL vulnerabilities: (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195 and CVE-2014-3470)

Summary Security vulnerabilities have been discovered in OpenSSL 9.7d package that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/T...

Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by the following OpenSSL vulnerabilities: (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195 and CVE-2014-3470)

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

Security Bulletin: IBM Tivoli Composite Application Manager for Transactions is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...

Security Bulletin: Tivoli Management Framework is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Reporting for Development Intelligence (CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293)

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by Rational Reporting for Development Intelligence RRDI. RRDI has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0286 DESCRIPTION: OpenSSL is vulnerable to a denial of...

Security Bulletin: IBM Rational ClearCase update for security vulnerabilities in OpenSSL component

Summary IBM Rational ClearCase uses the OpenSSL component for establishing SSL connections. ClearCase now ships an updated version of OpenSSL on Unix and Linux platforms, and uses a new component called IBM GSKit on Windows which also mitigates against the OpenSSL vulnerabilities. Vulnerability...

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSL (CVE-2016-0797, CVE-2016-0705)

Summary Vulnerabilities in OpenSSL affect IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to...

Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSL (CVE-2016-0797, CVE-2016-0705)

Summary Vulnerabilities in OpenSSL affect IBM Security Access Manager for Web. Vulnerability Details CVEID: CVE-2016-0797 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the BNhex2bn/BNdec2bn function. An attacker could exploit this vulnerability...