Vulnerability Bulletins

IBM Security Bulletin: IBM License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed Java-related vulnerabilities - October 2014

System information
   
Affected software IBM

Description
IBM License Metric Tool, IBM Endpoint Manager for Software Use Analysis and IBM Tivoli Asset Discovery for Distributed are vulnerable to attacks related to Java vulnerabilites. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability (CVE-2014-3566). CVE(s): CVE-2014-3566 and CVE-2014-6457 Affected product(s) and affected version(s): IBM Tivoli Asset Discovery for Distributed v7.2.2 & v7.5, IBM License Metric Tool v7.2.2, v7.5

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_license_metric_tool_ibm_endpoint_manager_for_software_use_analysis_and_ibm_tivoli_asset_discovery_for_distributed_java_related_vulnerabilities_october_2014?lang=en_us

Standar resources
Property Value
CVE CVE-2014-3566 ,CVE-2014-6457 ,CVE-2014-3567 ,CVE-2014-3568 ,CVE-2014-3004 ,CVE-2015-0278 and CVE-2015-0138.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-16
Ministerio de Defensa
CNI
CCN
CCN-CERT