Boletines de Vulnerabilidades

IBM Security Bulletin: IBM Cognos Business Intelligence Sever 2015Q2 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities

Información sobre el sistema
   
Software afectado IBM

Descripción
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and IBM® Runtime Environment Java™ Technology Edition, Version 7 that are used by IBM Cognos Business Intelligence. These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses FREAK: Factoring Attack on RSA-EXPORT keys SSL/TLS vulnerability and RC4 Bar Mitzvah Attack for SSL/TLS vulnerability. A security vulnerability has been

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_cognos_business_intelligence_sever_2015q2_security_updater_ibm_cognos_business_intelligence_server_is_affected_by_multiple_vulnerabilities?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2015-1916 ,CVE-2015-0488 ,CVE-2015-4000 ,CVE-2015-0478 ,CVE-2015-2808 ,CVE-2014-0227 ,CVE-2015-0209 ,CVE-2015-0286 and CVE-2015-0289.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-06-30

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT