Boletines de Vulnerabilidades

Security Bulletin: Vulnerabilities in OpenSSL affect Juniper EX Series Network Switches sold by IBM for use in IBM Products (CVE-2014-3569, CVE-2014-3570, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204,


Información sobre el sistema
   
Software afectado IBM

Descripción
OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by Juniper EX Series Network Switches sold by IBM for use in IBM Products. Juniper has addressed the applicable CVEs. CVE(s): CVE-2014-3569, CVE-2014-3570, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204 and CVE-2015-0205 Affected product(s) and affected version(s): JunOS release 12.3R9

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerabilities_in_openssl_affect_juniper_ex_series_network_switches_sold_by_ibm_for_use_in_ibm_products_cve_2014_3569_cve_2014_3570_cve_2014_3572_cve_2014_8275_cve_2015_0204_cve

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-08-07

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT