IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, …)
OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares has addressed the applicable CVEs.
CVE(s): CVE-2016-6302, CVE-2016-6304, CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-6306, CVE-2016-6308, CVE-2016-2181, CVE-2016-2183
Affected product(s) and affected version(s):
IBM Aspera Orchestrator 2.6.0 or earlier
IBM Aspera Virtural Catcher 2.4.4 or earlier
IBM Aspera Faspex 4.0.1 or earlier
IBM Aspera Shares 1.9.4 or earlier
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BnY2AK
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR3VyC
The post IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Aspera Orchestrator, IBM Aspera Virtual Catcher, IBM Aspera Faspex, IBM Aspera Shares (CVE-2016-6304, CVE-2016-2177, …) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2BoUyxV