IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM API Management (CVE-2016-2177, CVE-2016-2178, CVE-2016-2180)
OpenSSL vulnerabilities disclosed on August and September 2016 by the OpenSSL Project. OpenSSL is used by IBM API Management. IBM API Management has addressed the applicable CVEs.
CVE(s): CVE-2016-2177, CVE-2016-2178, CVE-2016-2180
Affected product(s) and affected version(s):
IBM API Management V4.0
IBM API Connect v5.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hPLeKU
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dmWOvf
from IBM Product Security Incident Response Team http://ift.tt/2hPQGxg