Boletines de Vulnerabilidades

Security Bulletin: Tivoli Management Framework affected by vulnerability in OpenSSL versions prior than 1.0.1f


Información sobre el sistema

   
Software afectado IBM

Descripción

OpenSSL versions prior to 1.0.1f do not follow best security practices and need to upgrade. On Linux (Intel or z/OS) platform, the components of Tivoli Management Framework 4.1.1 may include the files in OpenSSL which version is prior than 1.0.1f. CVE(s): CVE-2013-4353, CVE-2013-6449, and CVE-2013-6450 Affected product(s) and affected version(s): Tivoli Management Framework 4.1.1 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_tivoli_management_framework_affected_by_vulnerability_in_openssl_versions_prior_than_1_0_1f?lang=en_us

Identificadores estándar

Propiedad Valor
CVE CVE-2013-4353 ,CVE-2013-6449 ,CVE-2013-6450 and CVE-2013-6730.

Histórico de versiones

Versión Comentario Fecha
1.0 Advisory issued 2014-03-05

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT