IBM6203868CB9DA44CAF0C989DADD3CAF418BADC50F895EE7B59AFF8575050373E7Security Bulletin: IBM MegaRAID Storage Manager is affected by a vulnerability in TLS (CVE-2019-6485)
0.005 Low
EPSS
Percentile
75.7%
Summary
The following vulnerability in TLS has been addressed by IBM MegaRAID Storage Manager.
Vulnerability Details
CVEID:CVE-2019-6485
**DESCRIPTION:**Citrix NetScaler Application Delivery Controller and NetScaler Gateway could allow a remote attacker to obtain sensitive information, caused by a TLS padding oracle vulnerability. An attacker could exploit this vulnerability to decrypt TLS traffic.
CVSS Base score: 5.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/157507 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| MegaRAID Storage Manager | 17.0 |
Remediation/Fixes
Firmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>
| Affected Product(s) | Version(s) |
|---|
MegaRAID Storage Manager
(ibm_utl_msm_17.05.02.01_windows_32-64)
| 17.05.02.01
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| megaraid storage manager | eq | 17.0 |
Related
0.005 Low
EPSS
Percentile
75.7%