IBM Security Bulletin: Vulnerabilities in OpenSSH affect the IBM FlashSystem models 840 and 900

There are vulnerabilities in OpenSSH to which the IBM® FlashSystem™ 840 and FlashSystem 900 are susceptible. An exploit of these vulnerabilities (CVE-2015-6563 and CVE-2015-6564) could allow a remote attacker to bypass security restrictions to gain elevated privileges or conduct an impersonation attack.

CVE(s): CVE-2015-6563, CVE-2015-6564

Affected product(s) and affected version(s):

- FlashSystem 840 affected Machine Type Models (MTMs) include:
  - 9840-AE1 and 9843-AE1

- FlashSystem 900 affected MTMs include:
  - 9840-AE2 and 9843-AE2

- Code versions affected, for both FlashSystem 840 & 900, include supported VRMFs:
  - 1.3.0.0 – 1.3.0.6

- Code streams NOT affected:
  - 1.4 stream was NOT affected

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2nZ1cso
X-Force Database: http://ift.tt/2bZYLgC
X-Force Database: http://ift.tt/2c8Vyh9



from IBM Product Security Incident Response Team http://ift.tt/2opfLAJ