Boletines de Vulnerabilidades

IBM Security Bulletin: Vulnerabilities in GSKit affect IBM Rational RequisitePro (CVE-2015-0138)

Información sobre el sistema
   
Software afectado IBM

Descripción
GSKit is an IBM component that is used by IBM Rational RequisitePro. The GSKit that is shipped with IBM Rational RequisitePro contains multiple security vulnerabilities including the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. IBM Rational RequisitePro has addressed the applicable CVEs. CVE(s): CVE-2015-0138 Affected product(s) and affected version(s): Version Status 7.1.4 through 7.1.4.7 Affected 7.1.3 through 7.1.3.14

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_gskit_affect_ibm_rational_requisitepro_cve_2015_0138?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2015-0138 and CVE-2015-0159.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-04-09

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT