Home Unlabelled IBM Security Bulletin: Vulnerabilities in Php affect IBM SmartCloud Entry (CVE-2015-4644 CVE-2016-5385)

IBM Security Bulletin: Vulnerabilities in Php affect IBM SmartCloud Entry (CVE-2015-4644 CVE-2016-5385)

By
Tuesday, December 27, 2016
Read
Add Comment

IBM SmartCloud Entry is vulnerable to Php vulnerabilities. Attackers could exploit these vulnerabilities to cause a segfault, or redirect outbound HTTP traffic to arbitrary proxy server. This is also known as the “HTTPOXY” vulnerability by using a specially-crafted Proxy header in a HTTP request.

CVE(s): CVE-2015-4644, CVE-2016-5385

Affected product(s) and affected version(s):

IBM SmartCloud Entry 2.2.0 through 2.2.0.4 Appliance fix pack 7
IBM SmartCloud Entry 2.3.0 through 2.3.0.4 Appliance fix pack 7
IBM SmartCloud Entry 2.4.0 through 2.4.0.4 Appliance fix pack 7
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 22
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 22

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iAcf3Z
X-Force Database: http://ift.tt/2i3s5at
X-Force Database: http://ift.tt/2dv9pkb



from IBM Product Security Incident Response Team http://ift.tt/2i3s9GW
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us