IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Flex System FC5022 16Gb SAN Scalable Switch and IBM Flex System EN4023 10Gb Scalable Switch (CVE-2016-2108)
OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Flex System FC5022 16Gb SAN Scalable Switch and IBM Flex System EN4023 10Gb Scalable Switch. IBM Flex System FC5022 16Gb SAN Scalable Switch and IBM Flex System EN4023 10Gb Scalable Switch have addressed the applicable CVE. Vulnerability Details:
CVE(s): CVE-2016-2108
Affected product(s) and affected version(s):
| Product | Affected Version |
|---|---|
| IBM Flex System FC5022 16Gb SAN Scalable Switch | 7.0.0 – 8.0.1 |
| IBM Flex System EN4023 10Gb Scalable Switch | 4.0.0 – 6.0.2 |
Remediation/Fixes:
Firmware fix versions are available on Fix Central:
http://ift.tt/1qeg5iT.
| Product | Fix Version |
|---|---|
| IBM Flex System FC5022 16Gb SAN Scalable Switch (brcd_fw_bcsw_8.1.0a_anyos_noarch) | 8.1.0a |
| IBM Flex System EN4023 10Gb Scalable Switch (brcd_fw_bcsw_nos6.0.2b-bbd_anyos_noarch) | 6.0.2b-bbd |
Workaround(s) & Mitigation(s):
None
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ur0EhV
X-Force Database: http://ift.tt/1VjTr9i
The post IBM Security Bulletin: Vulnerability in OpenSSL affects IBM Flex System FC5022 16Gb SAN Scalable Switch and IBM Flex System EN4023 10Gb Scalable Switch (CVE-2016-2108) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2uqZzqe