Boletines de Vulnerabilidades

IBM Security Bulletin: IBM WebSphere MQ is affected by multiple vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 5, 6 & 7

Información sobre el sistema
   
Software afectado IBM

Descripción
Multiple security vulnerabilities exist in the IBM Runtime Environments Java Technology Edition component of WebSphere MQ. CVE(s): CVE-2015-0488, CVE-2015-0478, CVE-2015-2808, CVE-2015-1916, CVE-2015-0204, CVE-2015-2613, CVE-2015-2601,CVE-2015-2625 and CVE-2015-1931 Affected product(s) and affected version(s): IBM WebSphere MQ 8.0 IBM WebSphere MQ 8.0.0.3 and earlier maintenance levels IBM WebSphere MQ 7.5 IBM WebSphere MQ 7.5.0.5 and earlier maintenance levels IBM WebSphere

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_websphere_mq_is_affected_by_multiple_vulnerabilities_in_ibm_runtime_environments_java_technology_edition_versions_5_6_7?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2015-0488 ,CVE-2015-0478 ,CVE-2015-2808 ,CVE-2015-1916 ,CVE-2015-0204 ,CVE-2015-2613 ,CVE-2015-2601 ,CVE-2015-2625 ,CVE-2015-1931 ,CVE-2014-0230 ,CVE-2015-5044 and CVE-2015-4749.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-11-05

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT