IBM Security Bulletin: Multiple vulnerabilities affect IBM Sterling Secure Proxy Configuration Manager
Several vulnerabilities affect the Configuration Manager of the IBM Sterling Secure Proxy (SSP) product. The SSP Configuration Manager typically runs in the Secure Zone, and is not accessible from the internet.
CVE(s): CVE-2016-6026, CVE-2016-6027, CVE-2016-6025, CVE-2016-6023
Affected product(s) and affected version(s):
IBM Sterling Secure Proxy 3.4.3 GA
IBM Sterling Secure Proxy 3.4.2 through 3.4.2.0 iFix 7
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2cOICbY
X-Force Database: http://ift.tt/2dFdCkE
X-Force Database: http://ift.tt/2cOIVn5
X-Force Database: http://ift.tt/2dFf6vs
X-Force Database: http://ift.tt/2cOHZzc
from IBM Product Security Incident Response Team http://ift.tt/2dFfdHc