Boletines de Vulnerabilidades

IBM Security Bulletin:Vulnerabilities in OpenSSL affect Tivoli Workload Scheduler Application (CVSs 2014-3569 2014-3572 2015-0204 2014-3570 2014-8275)

Información sobre el sistema
   
Software afectado IBM

Descripción
OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by Tivoli Workload Scheduler Application has addressed the applicable CVEs. CVE(s): CVE-2014-3570, CVE-2014-3572, CVE-2014-8275 and CVE-2015-0204 Affected product(s) and affected version(s): Tivoli Workload Scheduler for Applications, the programs that are installed in /methods

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_openssl_affect_tivoli_workload_scheduler_application_cvss_2014_3569_2014_3572_2015_0204_2014_3570_2014_8275?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-3570 ,CVE-2014-3572 ,CVE-2014-8275 ,CVE-2015-0204 ,CVE-2014-3569 ,CVE-2014-3571 ,CVE-2015-0205 and CVE-2015-0206.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-04-09

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT