IBM Support

Security Bulletin: A security vulnerability has been identified in IBM PureApplication System shipped with IBM InfoSphere Information Server Hypervisor edition (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)

Created by Clyde Mendonca on
Published URL:
https://www.ibm.com/support/pages/node/252535
252535

Security Bulletin


Summary

IBM PureApplication System is shipped as a component of IBM InfoSphere Information Server Hypervisor edition. Information about a security vulnerability affecting IBM PureApplication System has been published in a security bulletin. Other than the Information Server Hypervisor edition, Information Server and its components are not vulnerable.

Vulnerability Details

Please consult the security bulletin, Vulnerabilities in Bash affect IBM PureApplication System (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

Affected Supporting Product and Version
InfoSphere Information Server Hypervisor Edition version 9.1 on Red Hat Linux
NOTE: No other versions of InfoSphere Information Server are affected by this vulnerability.		PureApplication System versions 1.0.0.0 to 1.1.0.2

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

References

Complete CVSS v2 Guide
On-line Calculator v2

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

09 October 2014: Original Version Published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Internal Use Only

PSIRTs 42771 and 43145

[{"Product":{"code":"SSZJPZ","label":"IBM InfoSphere Information Server"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Hypervisor Edition Packages for Red Hat Enterprise Linux Server","Platform":[{"code":"PF016","label":"Linux"}],"Version":"9.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SSZJPZ","label":"IBM InfoSphere Information Server"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
16 June 2018

UID

swg21685977

Page Feedback