High Severity

IBM Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Worklight and IBM MobileFirst Platform Foundation

Share this post:

OpenSSL vulnerabilities were disclosed on September 22, 2016 and September 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Worklight and IBM MobileFirst Platform Foundation. IBM Worklight and IBM MobileFirst Platform Foundation have addressed the applicable CVEs.

CVE(s): CVE-2000-1254, CVE-2016-2177, CVE-2016-2178, CVE-2016-6302, CVE-2016-6304, CVE-2016-6305, CVE-2016-6303, CVE-2016-2182, CVE-2016-2180, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2183, CVE-2016-2181, CVE-2016-6309, CVE-2016-7052

Affected product(s) and affected version(s):

IBM MobileFirst Platform Foundation 8.0.0.0
IBM MobileFirst Platform Foundation 7.1.0.0
IBM MobileFirst Platform Foundation 7.0.0.0
IBM MobileFirst Platform Foundation 6.3.0.0
IBM Worklight Consumer Edition 6.1.0.0, 6.1.0.1 and 6.1.0.2
IBM Worklight Enterprise Edition 6.1.0.0, 6.1.0.1 and 6.1.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg2C1000213
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113136
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113890
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113889
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117024
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117110
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117111
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117023
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/116342
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/115829
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/116343
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117112
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117113
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117114
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/116337
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/116344
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117148
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117149

More stories

Security Bulletin: CVE-2020-4481 HTTP properties vulnerable to an XXE attack

Aug 4, 2020 8:01 pm EDT | High Severity

HTTP properties are vulnerable to an XXE attack. This could allow files from the server host to be extracted. ...read more


Security Bulletin: vulnerabilities in in IBM® Runtime Environment Java™ Version 8 affect IBM WIoTP MessageGateway (CVE-2020-2805, CVE-2020-2803, CVE-2020-2781, CVE-2020-2755, CVE-2020-2754)

Aug 4, 2020 8:01 pm EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that affect IBM WIoTP MessageGateway ...read more


Security Bulletin: CVE-2009-2625 CVE-2012-0881 CVE-2013-4002 CVE-2014-0107 Multiple Xml handling Issues in xerces and xalan

Aug 4, 2020 8:00 pm EDT | High Severity

CVE-2009-2625 CVE-2012-0881 CVE-2013-4002 CVE-2014-0107 Multiple Xml handling Issues in xerces and xalan ...read more