Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:6 p.m.17 views

Security Bulletin: Multiple security vulnerabilities have been identified in GSKit, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-1447).

Summary GSKit is shipped with IBM Tivoli Network Manager IP Edition. Information about security vulnerabilities affecting GSKit has been published here. Vulnerability Details CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expecte...

8.1CVSS7.7AI score0.00931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:19 a.m.40 views

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Unix. IBM Spectrum Protect Snapshot for Unix has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL coul...

10CVSS8.9AI score0.26335EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:19 a.m.51 views

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. IBM Spectrum Protect Snapshot for VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL...

10CVSS8.9AI score0.26335EPSS
Exploits1Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.48 views

IBM HTTP Server 7.0.0.0 <= 7.0.0.43 / 8.0.0.0 <= 8.0.0.14 / 8.5.0.0 < 8.5.5.14 / 9.0.0.0 < 9.0.0.8 Multiple Vulnerabilities (569301)

The version of IBM HTTP Server running on the remote host is affected by multiple vulnerabilities, including the following: - IBM GSKit IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 duplicates the PRNG state across fork system calls when multiple ICC instances are loaded which cou...

9.1CVSS7.1AI score0.15934EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/28 8:20 p.m.57 views

Security Bulletin: Multiple vulnerabilities in IBM GSKit affect Rational Directory Server (Tivoli)

Summary There are multiple security vulnerabilities in IBM® GSKit version 8. GSKit is used by IBM Rational Directory Server Tivoli. Vulnerability Details CVEID: CVE-2018-1427 DESCRIPTION: IBM GSKit contains several environment variables that a local attacker could overflow and cause a denial of...

9.1CVSS0.6AI score0.0251EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/28 2:5 p.m.26 views

Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud

Summary There are multiple security vulnerabilities that affect IBM WebSphere Application Server in IBM Cloud. Vulnerability Details CVEID: CVE-2017-1743 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of...

9.1CVSS0.9AI score0.96121EPSS
Exploits6Affected Software1
IBM AIX
IBM AIX
added 2018/12/14 12:9 p.m.162 views

Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX

IBM SECURITY ADVISORY First Issued: Fri Dec 14 12:09:04 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/itdsadvisory2.asc https://aix.software.ibm.com/aix/efixes/security/itdsadvisory2.asc...

9.1CVSS0.2AI score0.0251EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/29 3:0 p.m.44 views

Security Bulletin: Multiple vulnerabilities GSKit bundled with IBM HTTP Server

Summary There are multiple vulnerabilities in the GSKit component that is included in the IBM HTTP Server used by WebSphere Application Server. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel...

9.1CVSS0.5AI score0.15934EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 12:29 p.m.27 views

Security Bulletin:A vulnerability in GSKit and GSKit-Crypto affects IBM Performance Management products (CVE-2018-1447)

Summary A vulnerability in GSKit and GSKit-Crypto affects IBM Performance Management products. The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change passwor...

8.1CVSS0.9AI score0.00931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/26 9:5 p.m.21 views

Security Bulletin: Vulnerability in IBM GSKit affect IBM Personal Communications

Summary GSKit is an IBM component that is used by IBM Personal Communications. GSKit that is shipped with IBM Personal Communications contains security vulnerability. IBM Personal Communications has addressed the same. Vulnerability Details CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logi...

8.1CVSS0.6AI score0.00931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/19 8:30 a.m.44 views

Security Bulletin: IBM Security SiteProtector System is affected by GSKit vulnerabilities

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in GSKit. Vulnerability Details CVEID: CVE-2018-1428 DESCRIPTION: IBM GSKit uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base Scor...

9.1CVSS0.7AI score0.0251EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/02 6:45 p.m.49 views

Security Bulletin: FileNet Capture is affected by GSKit and GSKit-Crypto vulnerabilities

Summary FileNet Capture has addressed multiple GSKit and GSKit-Crypto vulnerabilities. Vulnerability Details CVEID: CVE-2017-3732 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagating bug in the x8664 Montgomery squaring procedure. An...

8.1CVSS0.2AI score0.15934EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:50 p.m.22 views

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) Server

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect formerly Tivoli Storage Manager Server. The IBM Spectrum Protect Server has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to...

10CVSS0.7AI score0.26335EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:50 p.m.37 views

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect formerly Tivoli Storage Manager for Virtual Environments: Data Protection for VMware. IBM Spectrum Protect for Virtual Environments: Data Protection for VMware has addressed the applicable CVEs...

10CVSS0.7AI score0.26335EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:26 a.m.28 views

Security Bulletin: Multiple security vulnerabilities have been identified in GSKit shipped with IBM ClearQuest (CVE-2016-0702, CVE-2018-1447, CVE-2018-1427, CVE-2016-0705)

Summary Vulnerabilities have been addressed in the GSKit component of IBM Rational ClearQuest. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel...

10CVSS1AI score0.26335EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:7 p.m.25 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway (CVE-2018-1447)

Summary IBM WebSphere Application Server is shipped as a component of IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Information about multiple security vulnerabilities affecting the IBM HTTP server component of IBM WebSphere Application Server h...

0.2AI score0.00931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:7 p.m.38 views

Security Bulletin: IBM Security Network Protection is affected by multiple vulnerabilities

Summary Multiple security vulnerabilities CVE-2018-1426, CVE-2018-1427, CVE-2018-1428, CVE-2017-3736, CVE-2017-3732, CVE-2016-0705, and CVE-2018-1447 have been discovered in GSKit used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is...

10CVSS0.7AI score0.26335EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:19 p.m.22 views

Security Bulletin: Vulnerabilities in GSKit affect IBM SPSS Modeler (CVE-2018-1447)

Summary Vulnerabilities were discovered in GSKit. IBM SPSS Modeler uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak passwor...

8.1CVSS0.2AI score0.00931EPSS
Exploits0Affected Software1
CVE
CVE
added 2018/04/04 6:0 p.m.77 views

CVE-2018-1447

CVE-2018-1447 affects the GSKit CMS KDB logic used with IBM Spectrum Protect 7.1/7.2 and IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6, where the hashing process is not salted, yielding weaker password protection and potential password recovery. The vulnerability is discussed in IBM GSKit...

8.1CVSS6.7AI score0.00931EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder