Security Bulletin: GPFS V3.5 for Windows is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)
Apr 14, 2014 7:54 pm EST
Share this post:
Security vulnerabilities have been discovered in OpenSSL.
CVE(s): CVE-2014-0160, and CVE-2014-0076
Affected product(s) and affected version(s):
GPFS for Windows V3.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=isg3T1020683
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/92322
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/91990
XSA-304 and XSA-305 Security Vulnerabilities
Nov 13, 2019 12:30 pm EST
IBM is aware of reported Intel vulnerabilities, CVE-2018-12207 and CVE-2019-11135, which are addressed by Citrix in the XSA-304 and XSA-305 security advisories. The vulnerabilities potentially could enable a denial of service attack or allow unauthorized access to recent memory content. There are no known malicious exploits of these vulnerabilities, which potentially impact the hypervisor. IBM ...read more
IBM Product Security Incident Response
Acknowledgement
Nov 6, 2019 8:30 pm EST
IBM acknowledges and thanks the security researchers and organizations listed below for reporting and working with us to resolve one or more security vulnerabilities in our products and services. Disclosures for 2019 Danang Tri Atmaja Jarad Kopf Neil Kettle, (Trustwave) Rich Mirch Steve Petz Disclosures for 2018 Artem Metla Cody Wass, (NetSPI) David Azria, ...read more
XSA-299 Security Vulnerability
Oct 31, 2019 12:01 pm EST
IBM is aware of a reported XSA-299 security vulnerability (CVE-2019-18421) that potentially would permit an attacker from within a VSI to elevate privileges to that of the host. There are no known malicious exploits of this vulnerability, which potentially impacts the hypervisor. IBM is implementing updates to remediate this vulnerability. No downtime for clients is ...read more