IBM Security Bulletin: Multiple Vulnerabilities affect IBM Sterling Secure Proxy
Three Jetty request smuggling vulnerabilities and an Apache ActiveMQ man-in-the-middle vulnerability were addressed by IBM Sterling Secure Proxy.
CVE(s): CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-11775
Affected product(s) and affected version(s):
IBM Sterling Secure Proxy 3.4.3 through 3.4.3.2 iFix 2
IBM Sterling Secure Proxy 3.4.2 through 3.4.2 iFix 15
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10792111
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145520
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145521
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145522
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/149705
The post IBM Security Bulletin: Multiple Vulnerabilities affect IBM Sterling Secure Proxy appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ibm.co/2LWgV44