Boletines de Vulnerabilidades

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM API Management (CVE-2015-0488, CVE-2015-0478, CVE-2015-2808, CVE-2015-1916 and CVE-2015-0204)


Información sobre el sistema

   
Software afectado IBM

Descripción

There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version7.0 that is used by IBM API Management. These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses FREAK: Factoring Attack on RSA-EXPORT keys" SSL/TLS vulnerability and RC4 Bar Mitzvah Attack for SSL/TLS vulnerability. CVE(s): CVE-2015-0488, CVE-2015-0478, CVE-2015-2808, CVE-2015-1916, CVE-2015-0204 and CVE-2015-0138 Affected product(s) and affected

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_ibm_java_sdk_affect_ibm_api_management_cve_2015_0488_cve_2015_0478_cve_2015_2808_cve_2015_1916_and_cve_2015_0204?lang=en_us

Identificadores estándar

Propiedad Valor
CVE CVE-2015-0488 ,CVE-2015-0478 ,CVE-2015-2808 ,CVE-2015-1916 ,CVE-2015-0204 ,CVE-2015-0197 ,CVE-2015-0198 ,CVE-2015-0199 ,CVE-2015-4000 and CVE-2015-0138.

Histórico de versiones

Versión Comentario Fecha
1.0 Advisory issued 2015-06-26

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT