IBM Security Bulletin: Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience on Cloud Network Capture Add-On. IBM Tealeaf Customer Experience on Cloud Network Capture Add-On has addressed the applicable CVEs. Multiple security vulnerabilities in PHP affect IBM Tealeaf Customer Experience on Cloud Network Capture Add-On. IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate.

CVE(s): CVE-2016-2177, CVE-2016-2178, CVE-2016-5385, CVE-2016-5900, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6293, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-6304, CVE-2016-6305, CVE-2016-6307, CVE-2016-7125

Affected product(s) and affected version(s):

IBM Tealeaf Customer Experience on Cloud Network Capture Add-On 16.1.01

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hAKqfD
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dv9pkb
X-Force Database: http://ift.tt/2hAODzF
X-Force Database: http://ift.tt/2gwv8Dq
X-Force Database: http://ift.tt/2hAL0tF
X-Force Database: http://ift.tt/2hAMkgm
X-Force Database: http://ift.tt/2gwolcY
X-Force Database: http://ift.tt/2hAJ58C
X-Force Database: http://ift.tt/2gwvIRX
X-Force Database: http://ift.tt/2hAPfFs
X-Force Database: http://ift.tt/2gwynL2
X-Force Database: http://ift.tt/2hANjgk
X-Force Database: http://ift.tt/2gwvk5E
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2fudZ0v

from IBM Product Security Incident Response Team http://ift.tt/2gwpMYV