Boletines de Vulnerabilidades

IBM Security Bulletin: OpenSSL vulnerability in IBM SAN Volume Controller and Storwize Family (CVE-2014-0224)

Información sobre el sistema
   
Software afectado IBM

Descripción
Security vulnerability in OpenSSL CVE(s): CVE-2014-0224 Affected product(s) and affected version(s): IBM SAN Volume Controller IBM Storwize V7000 IBM Storwize V5000 IBM Storwize V3700 IBM Storwize V3500 All products are affected when running code releases 6.4, 7.1, 7.2 and 7.3 except for versions 6.4.1.10, 7.1.0.10, 7.2.0.7 or 7.3.0.3 and above. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_openssl_vulnerability_in_ibm_san_volume_controller_and_storwize_family_cve_2014_0224?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-0224 ,CVE-2014-3470 ,CVE-2014-0098 and CVE-2013-4286.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-28

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT