Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Vulnerabilities in GSKit affect Security Access Manager for DataPower (CVE-2015-0159, CVE-2015-0138) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
GSKit is an IBM component that is used by Security Access Manager components on DataPower. The GSKit that is shipped with Security Access Manager contains several security vulnerabilities including the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. The Security Access Manager components on DataPower have addressed the applicable CVEs. Both the Access Manager Reverse Proxy introduced in DataPower version 7.1 and the Access Manager Client are More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_gskit_affect_security_access_manager_for_datapower_cve_2015_0159_cve_2015_0138?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-0159 ,CVE-2015-0138 ,CVE-2014-8161 ,CVE-2015-0241 ,CVE-2015-0242 ,CVE-2015-0243 ,CVE-2015-0244 ,CVE-2015-1892 ,CVE-2015-1472 and CVE-2013-7423. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-04-09 |