Medium Severity

IBM Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to OpenSSL vulnerability CVE-2018-5407

Share this post:

IBM has released the following Unified Extensible Firmware Interface (UEFI) fixes for System x, Flex and BladeCenter systems in response to OpenSSL vulnerability CVE-2018-5407.

CVE(s): CVE-2018-5407

Affected product(s) and affected version(s):

Product

Affected Version

BladeCenter HS23 7875/1929

tke1

BladeCenter HS23E 8038/8039

ahe1

Flex System x220 2585/7906

kse1

Flex System x222 7916

cce1

Flex System x240 7863/8737/8738/8956

b2e1

Flex System x280, x480, x880 7903

n2e1

Flex System x440 7917

cne1

System x iDataPlex dx360 M4 7912/7913

tde1

System x NeXtScale nx360 M4 5455

fhe1

System x3100 M5 5457

j9e1

System x3250 M5 5458

jue1

System x3300 M4 7382

yae1

System x3500 M4 7383

y5e1

System x3550 M4 7914

d7e1

System x3630 M4 7158
System x3530 M4 7160

bee1

System x3650 M4 7915
System x3650 M4 HD 5460

vve1

System x3650 M4 BD 5466

yoe1

System x3750 M4 8718/8722/8733/8752

koe1

System x3850 x6 3837/3839
System x3950 x6 3839

a8e1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10958871
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152484

More stories

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2018-0732, CVE-2018-0739, CVE-2017-3735)

Jul 21, 2019 9:00 am EDT | Medium Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerabilities 3 issues for OpenSSL: 2 for a denial of service and 1 for an error while parsing an IPAdressFamily extension in an X.509 certificate. CVE(s): CVE-2018-0732, CVE-2018-0739, CVE-2017-3735 Affected product(s) and affected version(s):IBM Security Identity Governance and ...read more


IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private – Kubernetes (CVE-2019-11246)

Jul 20, 2019 9:01 am EDT | Medium Severity

A Security Vulnerability affects IBM Cloud Private – Kubernetes (CVE-2019-11246) CVE(s): CVE-2019-11246 Affected product(s) and affected version(s):IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ibm10957893X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162892 ...read more


IBM Security Bulletin: Multiple vulnerabilities in Jetty affect Netcool Agile Service Manager (CVE-2019-10247, CVE-2019-10246)

Jul 19, 2019 9:02 am EDT | Medium Severity

There are multiple vulnerabilities in Eclipse Jetty used by Netcool Agile Service Manager. Netcool Agile Service Manager has addressed the applicable CVEs. CVE(s): CVE-2019-10247, CVE-2019-10246 Affected product(s) and affected version(s):Netcool Agile Service Manager 1.1.3 – 1.1.4 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887913X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160610X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160611 ...read more