31 matches found
Security Bulletin: Flex System Manager (FSM) June 2013 Java Vulnerabilities
Summary Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with the IBM FSM. Vulnerability Details Abstract Multiple security vulnerabilities exist in the IBM Java SDK that is shipped with the IBM FSM. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2468 CVSS Base Score:Â...
Security Bulletin: Vulnerabilities in Bash affect IBM Flex System Manager (FSM): (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187)
Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as "Bash Bug" or "Shellshock" and two memory corruption vulnerabilities. Bash is used by IBM FSM Vulnerability Details Abstract Six Bash vulnerabilities were...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM) Storage Manager Install Anywhere (SMIA) configuration tool (CVE-2017-3738, CVE-2017-3737)
Summary Multiple vulnerabilities have been discovered in OpenSSL that was used by IBM FSM SMIA configuration tool commonly known as Network Advisor. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow a remote attacker to obta...
Security Bulletin: Multiple vulnerabilities in Oracle® Java™ Runtime Environment version 1.7 affect IBM Flex System Manager(FSM) Storage Manager Install Anywhere (SMIA) configuration tool
Summary There are multiple vulnerabilities in Oracle® Java™ Runtime Environment version 1.7 that is used by IBM Flex System Manager FSM Storage Management Install Anywhere SMIA configuration tool. These issues were disclosed as part of the Java updates from July 2016, and January 2017...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM)
Summary Vulnerabilities have been discovered in OpenSSL used in the IBM FSM. These issues are addressed in this bulletin. Vulnerability Details CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundar...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple Expat vulnerabilities (CVE-2016-5300, CVE-2016-6702)
Summary Multiple vulnerabilities have been identified in Expat that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2012-6702 DESCRIPTION: Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, could...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple Struts vulnerabilities (CVE-2016-1181, CVE-2016-1182)
Summary Multiple vulnerabilities have been identified in Struts that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-1181 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by th...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple tcpdump vulnerabilities
Summary Multiple security vulnerabilities have been identified in tcpdump that is embedded in IBM FSM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2016-7923 DESCRIPTION: tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the ARP parser in...
Security Bulletin: IBM Flex System Manager (FSM) is affected by an OpenSSH vulnerability (CVE-2015-8325)
Summary A security vulnerability has been identified in OpenSSH that is embedded in IBM FSM. This bulletin addresses this issue. Vulnerability Details CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the...
Security Bulletin: Vulnerabilities in GnuTLS and OpenSSL affect IBM Flex System Manager (FSM) (CVE-2016-8610)
Summary Vulnerabilities have been discovered in GnuTLS and OpenSSL used by IBM FSM. These issues are addressed in this bulletin. Vulnerability Details CVEID: CVE-2016-8610 DESCRIPTION: The SSL/TLS protocol is vulnerable to a denial of service, caused by an error when processing ALERT packets duri...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a libgcrypt vulnerability (CVE-2016-6313)
Summary A security vulnerability has been identified in libgcrypt that is embedded in IBM FSM. This bulletin addresses this issue. Vulnerability Details CVEID: CVE-2016-6313 DESCRIPTION: GnuPG could provide weaker than expected security, caused by an error in the mixing functions when obtaining...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple cURL/libcURL vulnerabilities (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)
Summary Multiple security vulnerabilities have been identified in cURL/libcURL that is embedded in IBM FSM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2016-5419 DESCRIPTION: cURL/libcURL could allow a remote attacker to bypass security restrictions, caused by the failu...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM) Storage Manager Install Anywhere (SMIA) configuration tool
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016, Sep 22, 2016 and Sep 26, 2016 by the OpenSSL Project. OpenSSL was used by IBM FSM SMIA configuration tool commonly known as Network Advisor. This bulletin addresses the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php vulnerabilities
Summary Multiple vulnerabilities have been identified in php that is embedded in the IBM FSM. This fix addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-7124 DESCRIPTION: PHP is vulnerable to a denial of service, caused by the improper handling of invalid objects by...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a vulnerability in fontconfig (CVE-2016-5384)
Summary A security vulnerability has been discovered in fontconfig that is embedded in IBM FSM. This bulletin addresses this vulnerability. Vulnerability Details CVEID: CVE-2016-5384 DESCRIPTION: Fontconfig could allow a local attacker to execute arbitrary code on the system, caused by the lack o...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a vulnerability in sqlite (CVE-2016-6153)
Summary A security vulnerability has been discovered in sqlite that is embedded in the IBM FSM. This bulletin addresses this vulnerability. Vulnerability Details CVEID: CVE-2016-6153 DESCRIPTION: SQLite could allow a local attacker to gain elevated privileges on the system, caused by the creation...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php vulnerabilities
Summary Multiple security vulnerabilities have been discovered in php that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2015-8835 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by the...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple openssl vulnerabilities
Summary Multiple security vulnerabilities have been discovered in openssl that is embedded in the IBM FSM. This fix addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0799 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a memory...
Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple libxml2 vulnerabilities
Summary Multiple security vulnerabilities have been discovered in libxml2 that is embedded in the IBM FSM. This fix addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3627 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by an error in the xmlStringGetNodeList...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a Pluggable Authentication Module (PAM) vulnerability (CVE-2013-7041)
Summary A security vulnerability was discovered in PAM that is embedded in the IBM FSM. This bulletin addresses this vulnerabilities. Vulnerability Details CVEID: CVE-2013-7041 DESCRIPTION: pamuserdb module for Pam could provide weaker than expected security, caused by an error in the strncasecmp...