[BESAdmin-Announcements] IBM Endpoint Manager Software Use Analysis deployed on IBM Endpoint Manager platform 9.1 is affected by the OpenSSL Heartbleed vulnerability (CVE-2014-0160) UPDATED Flash (Alert)
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Wed Apr 23 14:33:29 PDT 2014
IBM Endpoint Manager for Software Use Analysis (SUA) is deployed on top of
IBM Endpoint Manager. If IEM Software Use Analysis (SUA) 9.1 and SUA 2.2
Patch 3 are deployed on IEM platform 9.1 then they are affected by the
OpenSSL Heartbleed vulnerability (CVE-2014-0160). Please refer to flashes
and bulletins from IEM including:
http://www-01.ibm.com/support/docview.wss?uid=swg21669590
If you have downloaded SUA 9.1 and IEM 9.1 but have not installed it, we
recommend you delete packages and download it again from Passport
Advantage. If you downloaded SUA 9.1 and installed, please note that SUA
web application itself does not uses a vulnerable OpenSSL, so you need to
upgrade your current vulnerable installation of IEM 9.1 via fixlet upgrade
using BES Support site. In this case, please follow the instruction from
the IEM site:
https://www.ibm.com/developerworks/community/blogs/a1a33778-88b7-452a-9133-c955812f8910/entry/ibm_endpoint_manager_9_1_patch_1_heartbleed_fix_released?lang=en
Software Use Analysis(SUA) 1.x is not affected by the above vulnerability.
SUA 2.x/9.x using an IBM Endpoint Manager platform earlier than v9.1 are
not affected.
IEM Software Use Analysis Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20140423/e972d495/attachment.html>
More information about the Besadmin-announcements
mailing list