IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation
OpenSSL vulnerabilities were disclosed on September 22, 2016 and September 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs.
CVE(s): CVE-2000-1254, CVE-2016-2177, CVE-2016-2178, CVE-2016-6302, CVE-2016-6304, CVE-2016-6305, CVE-2016-6303, CVE-2016-2182, CVE-2016-2180, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2183, CVE-2016-2181, CVE-2016-6309, CVE-2016-7052
Affected product(s) and affected version(s):
IBM MobileFirst Platform Foundation 8.0.0.0
IBM MobileFirst Platform Foundation 7.1.0.0
IBM MobileFirst Platform Foundation 7.0.0.0
IBM MobileFirst Platform Foundation 6.3.0.0
IBM Worklight Consumer Edition 6.1.0.0, 6.1.0.1 and 6.1.0.2
IBM Worklight Enterprise Edition 6.1.0.0, 6.1.0.1 and 6.1.0.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gVHoSI
X-Force Database: http://ift.tt/2gJ8WYq
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2fn8D82
X-Force Database: http://ift.tt/2dTp6vD
from IBM Product Security Incident Response Team http://ift.tt/2gVHI3L