IBM Security Access Manager Appliance has addressed the following vulnerability.
CVEID:CVE-2017-7558
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by flaws in the inet_diag_msg_sctpaddrs_fill, inet_diag_msg_sctpladdrs_fill and sctp_get_sctp_info functions. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130875> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected IBM Security Access Manager Appliance
|
Affected Versions
—|—
IBM Security Access Manager | 9.0.3.0 - 9.0.4.0
Product | VRMF | APAR | Remediation |
---|---|---|---|
IBM Security Access Manager | 9.0.3.0 - | ||
9.0.4.0 | IJ08673 |
None.