Security Bulletin: Several System x and Flex Systems products are affected by vulnerabilities in OpenSSL (CVE-2013-6449, CVE-2013-4353 and CVE-2013-6450)

Summary Security vulnerabilities discovered in OpenSSL have been fixed in recent releases of several IBM System x and Flex Systems products. You may have already applied the updates containing these fixes. Vulnerability Details Abstract Security vulnerabilities discovered in OpenSSL have been fix...

Security Bulletin: Two vulnerabilities fixed in recent IBM ServerGuide, UXSPI and ToolsCenter Suite release (CVE-2014-4244, CVE-2104-4835)

Summary IBM ToolsCenter Suite is affected by one vulnerability in Java, while IBM ServerGuide, UXSPI and ToolsCenter Suite are all affected by an additional vulnerability. Vulnerability Details Abstract IBM ToolsCenter Suite is affected by one vulnerability in Java, while IBM ServerGuide, UXSPI a...

Security Bulletin: IBM ToolsCenter Suite is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTL Vulnerability Details Abstract Security vulnerabilities have been discovered in OpenSSL. Content Vulnerability...

CVE-2014-4835

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...

Design/Logic Flaw

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...

CVE-2014-4835

The CVE-2014-4835 issue affects IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before 9.63, and ToolsCenter Suite before 9.63. The root cause is credentials being written to log files, enabling a local user to read sensitive information. Impact is partial confidentiality...

CVE-2014-4835

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...