Security Bulletin: A security vulnerability has been identified in OpenSSL, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-5407)

Summary OpenSSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about a security vulnerability affecting Open SSL has been published here. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a...

K49711130: OpenSSL and Intel processor SMT side-channel vulnerability (PortSmash) CVE-2018-5407

Security Advisory Description Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention.' CVE-2018-5407 also known as PortSmash Impact The vulnerability allows an attacker who can...

Security Bulletin: IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by vulnerabilities in OpenSSL (CVE-2018-0735, CVE-2018-0734, CVE-2018-5407)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVEID: CVE-2018-0735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the ECDSA signature algorithm. An attacker could exploit this...

SUSE: Security Advisory (SUSE-SU-2018:4001-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: OpenSSL vulnerability affects IBM Rational Team Concert

Summary OpenSSL vulnerability was disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

Summary OpenSSL vulnerabilities CVE-2019-1559 and CVE-2018-5407 were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Manager. IBM Workload Manager has addressed the applicable CVEs Vulnerability Details CVE-ID: CVE-2018-5407 Description: Multiple SMT/Hyper-Threading architecture...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Integration Bus , IBM App Connect and WebSphere Message Broker

Summary Multiple vulnerabilities in OpenSSL affect IBM Integration Bus , IBM App Connect and WebSphere Message Broker. The DataDirect ODBC Drivers used by IBM App Connect , IBM Integration Bus and WebSphere Message Broker have addressed the applicable CVEs. Vulnerability Details CVEID:...

Security Bulletin: Multiple Security Vulnerabilities in OpenSSL Affect IBM Sterling B2B Integrator (CVE-2018-0734, CVE-2018-5407)

Summary Security vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator Vulnerability Details CVE-ID: CVE-2018-0734 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm. An attacker could...

Security Bulletin: Vulnerabilities CVE-2018-5407 and CVE-2018-0734 in OpenSSL affect IBM i

Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on...

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System

Summary Open Source OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain...

Security Bulletin: Vulnerability in OpenSSL affects IBM OS Image for Red Hat Linux Systems, AIX and bundling products for IBM PureApplication Systems (CVE-2018-5407)

Summary Open Source OpenSSL is vulnerable to a publicly disclosed vulnerability. Vulnerability Details CVEID: CVE-2018-5407 Description: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on...

CentOS 7 : ovmf (CESA-2019:2125)

An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Security Bulletin: OpenSSL as used in IBM QRadar Network Packet Capture is vulnerable to information exposure (CVE-2018-5407)

Summary OpenSSL as used in IBM QRadar Network Packet Capture is susceptible to information exposure. Vulnerability Details CVEID: CVE-2018-5407 Description: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution...

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-5407)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerability. Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information. This vulnerability is known as PortSmash...

Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to a information disclosure (CVE-2018-5407)

Summary Open Source OpenSSL is vulnerable to a publicly disclosed vulnerability Vulnerability Details CVEID: CVE-2018-5407 Description: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on...