Security Bulletin: OpenSSL as used by IBM QRadar Network Packet Capture is vulnerable to a timing side channel attack (CVE-2018-0734)
Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.
Affected product(s) and affected version(s):
IBM QRadar Network Packet Capture 7.3.0 – 7.3.2 Patch 2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1115649
The post Security Bulletin: OpenSSL as used by IBM QRadar Network Packet Capture is vulnerable to a timing side channel attack (CVE-2018-0734) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2XNKSJw