Home Unlabelled IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler

By
Saturday, September 23, 2017
Read
Add Comment

OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Manager. IBM Workload Manager has addressed the applicable CVEs

CVE(s): CVE-2016-6302, CVE-2016-6305, CVE-2016-6303, CVE-2016-6304, CVE-2016-2182, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2181, CVE-2016-6309, CVE-2016-7052, CVE-2016-2180, CVE-2016-2179, , CVE-2000-1254, ,

Affected product(s) and affected version(s):

TWS uses OpenSSL only for secure communication between internal processes.
For Tivoli Workload Scheduler Distributed, TWS nodes are impacted by OpenSSL security exposures only if the TWS workstation has been defined with “securitylevel” set to on or enabled or force.

These security exposures do not apply to the embedded WebSphere Application Server but only to programs installed under /bin.

Tivoli Workload Scheduler Distributed 8.6.0 FP04 and earlier
Tivoli Workload Scheduler Distributed 9.1.0 FP02 and earlier
Tivoli Workload Scheduler Distributed 9.2.0 FP02 and earlier
IBM Workload Scheduler Distributed 9.3.0 FP02 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fipuXq
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2fn8D82
X-Force Database: http://ift.tt/2dTp6vD
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2gJ8WYq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2hNr07D

The post IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Scheduler appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2wcbhSI
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us