IBM Security Bulletin: Vulnerabilities in GSKit and IBM WebSphere Application Server affect IBM Cognos Controller 10.2.1 (CVE-2015-0159, CVE-2015-0138)
|
System information
|
|
|
Affected software |
IBM |
Description
|
The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM WebSphere Application Server Liberty Profile Version 8.5 that is used by IBM Cognos Controller 10.2.1. GSKit 8.0 is an IBM component that is used by IBM Cognos Controller 10.2.1. The GSKit that is shipped with IBM Cognos Controller 10.2.1 contains a security vulnerability and IBM Cognos Controller has addressed the applicable CVE. CVE(s): CVE-2015-0138 and CVE-2015-0159 Affected
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_gskit_and_ibm_websphere_application_server_affect_ibm_cognos_controller_10_2_1_cve_2015_0159_cve_2015_0138?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2015-0159 ,CVE-2015-0138 ,CVE-2015-2808 ,CVE-2015-0286 ,CVE-2015-0204 ,CVE-2014-3508 ,CVE-2014-5139 ,CVE-2014-3509 ,CVE-2014-3505 ,CVE-2014-3506 ,CVE-2014-3507 ,CVE-2014-3510 ,CVE-2014-3511 and CVE-2014-3512. |