IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Network Manager IP Edition V3.9 Fix Pack 4 HTTPS support for Perl Collectors (CVE-2014-3566, CVE-2014-3513, CVE-2014-3567,C
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
IBM Tivoli Network Manager IP Edition 3.9 Fixpack 4 added HTTPS support for three Perl Collectors (Alcatel5620SamSoap collector, Alcatel5620SamSoapFindtoFile collector, and Alcatel5529IdmSoap collector) which required user to install OpenSSL. 1. SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. By default, SSLv3 is not enabled in IBM Tivoli Network Manager IP Edition V3.9 Fix Pack 4. CVE-ID:CVE-2014-3566 2. Security
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_openssl_affect_ibm_tivoli_network_manager_ip_edition_v3_9_fix_pack_4_https_support_for_perl_collectors_cve_2014_3566_cve_2014_3513_cve_2014_3567_c |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|