Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Multiple security vulnerabilities in ElasticSearch might affect Process Federation Server (PFS) in IBM Business Process Manager (BPM) - CVE-2015-5531, CVE-2015-5377 |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
IBM Process Federation Server (PFS) is an optional component that is shipped with IBM Business Process Manager (BPM) V8.5.6.0. It allows the collection of task information of existing IBM Business Process Manager environments to provide a federated task list. PFS uses the ElasticSearch open source library to provide a highly scalable infrastructure. Security vulnerabilities that have been disclosed by the ElasticSearch project might affect PFS. CVE(s): CVE-2015-5377 and CVE-2015-5531 More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_elasticsearch_might_affect_process_federation_server_pfs_in_ibm_business_process_manager_bpm_cve_2015_5531_cve_2015_5377?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-5531 ,CVE-2015-5377 ,CVE-2015-4000 ,CVE-2015-2613 ,CVE-2015-2601 ,CVE-2015-4749 ,CVE-2015-2625 ,CVE-2015-1931 and CVE-2015-2590. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-08-15 |