Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - April 2014

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, IBM SDK Java Technology Edition, Version 6, and IBM SDK Java 2 Technology Edition, Version 5 that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updat...

Security Bulletin: Vulnerability in SSLv3 affects IBM Virtualization Engine TS7700 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Virtualization Engine TS7700. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

Security Bulletin: IBM Virtualization Engine TS7700 – Insufficient Restrictions on SSH Users (CVE-2014-3048)

Summary Unprivileged users may be able to invoke privileged commands via SSH. With the right type of network access to the hardware, a skilled user could figure out a way to craft an SSH command to grant themselves privileged access, allowing the user to issue all administrative commands, with th...

RHEL 7 : Virtualization Manager (RHSA-2018:1674) (Spectre)

An update for rhvm-setup-plugins is now available for Red Hat Virtualization Engine 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2014-3048

Unspecified vulnerability on the IBM System Storage Virtualization Engine TS7700 allows local users to gain privileges by leveraging the TSSC service-user role to enter a crafted SSH command...