IBM Security Bulletin: Httpd vulnerabilities affect IBM SmartCloud Entry (CVE-2013-5704 CVE-2015-3183 )
IBM SmartCloud Entry is vulnerable to httpd vulnerabilities. An attacker could exploit these vulnerabilities to bypass security restrictions, poison the web cache, bypass web application firewall protection, and conduct XSS attacks
CVE(s): CVE-2013-5704, CVE-2015-3183
Affected product(s) and affected version(s):
IBM SmartCloud Entry 2.2.0 through 2.2.0.4 Appliance fix pack 5
IBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 5
IBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 5
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 19
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 19
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/28T24Wz
X-Force Database: http://ift.tt/1NSj6En
X-Force Database: http://ift.tt/1rhWti4
from IBM Product Security Incident Response Team http://ift.tt/28YMIxH