Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM858AE0814B0606CAAD401114471EC230976E8E9BB8C23DEF159F31D3F5DBB1CE
HistoryFeb 11, 2020 - 9:31 p.m.

Security Bulletin: A security vulnerability has been identified in multiple products that ship with IBM Predictive Customer Intelligence (CVE-2014-3566)

2020-02-1121:31:00
www.ibm.com
15

0.975 High

EPSS

Percentile

100.0%

JSON

Summary

IBM Cognos Business Intelligence, IBM Infosphere Integration Bus, IBM WebSphere MQ, IBM DB2 Enterprise Server, IBM HTTP Server and IBM SPSS Modeler are shipped as components of IBM Predictive Customer Intelligence. Information about security vulnerabilities affecting IBM Cognos Business Intelligence, IBM Infosphere Integration Bus, IBM WebSphere MQ, IBM DB2 Enterprise Server, IBM HTTP Server and IBM SPSS Modeler has been published in the following security bulletins.

Vulnerability Details

Please consult the security bulletin Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568) for vulnerability details and information about fixes.

Please consult the security bulletin Security Bulletin: TLS padding vulnerability affects IBM® DB2® LUW (CVE-2014-8730) for vulnerability details and information about fixes.

Please consult the security bulletin Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Modeler (CVE-2014-3566) for vulnerability details and information about fixes.

Please consult the security bulletin Security Bulletin: TLS padding vulnerability affects IBM HTTP Server (CVE-2014-8730) for vulnerability details and information about fixes.

Please consult the security bulletin Security Bulletin : IBM WebSphere Message Broker and IBM Integration Bus are affected by SSLv3 Vulnerability (CVE-2014-3566 and CVE-ID: CVE-2014-3568) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Predictive Customer Intelligence 1.0| IBM Infosphere Integration Bus 9.0.0.1;
IBM WebSphere MQ v 7.5.0.2;
IBM DB2 Enterprise Server Edition V10.1.0.3;
IBM SPSS Modeler Server Premium 16;
IBM Cognos Business Intelligence 10.2.1;
IBM Predictive Customer Intelligence 1.0.1| IBM Infosphere Integration Bus 9.0.0.1;
IBM WebSphere MQ v 7.5.0.2;
IBM DB2 Enterprise Server Edition V10.1.0.3;
IBM SPSS Modeler Server Premium 16;
IBM Cognos Business Intelligence 10.2.1;

Related

ibm 96
securityvulns 5
openvas 22
suse 7
nessus 37
freebsd_advisory 1
slackware 1
freebsd 1
archlinux 1
kaspersky 2
debian 2
osv 2
amazon 1
aix 1
centos 1
mageia 1
redhat 2
f5 3
nvd 2
lenovo 2
cvelist 1
cisco 1
ubuntu 1
prion 1
cve 1
vmware 2
fortinet 1
threatpost 1
ibm
ibm
Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568).
2018-06-15 23:13:34
Security Bulletin: IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in SSLv3 and OpenSSL
2019-10-18 03:50:04
Security Bulletin: Vulnerability in SSLv3 affects multiple IBM Security Infrastructure appliances (CVE-2014-3566)
2022-02-23 19:48:26
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-12-09 00:00:00
[slackware-security] openssl (SSA:2014-288-01)
2014-10-17 00:00:00
APPLE-SA-2015-09-16-2 Xcode 7.0
2015-10-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3053-1)
2014-10-15 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2014:1331-1)
2014-10-30 00:00:00
Slackware: Security Advisory (SSA:2014-288-01)
2022-04-21 00:00:00
suse
suse
Security update for openssl1 (important)
2014-11-04 23:04:45
update for openssl (important)
2014-10-29 16:05:00
Security update for OpenSSL (important)
2014-11-11 00:05:06
nessus
nessus
VMware Security Updates for vCenter Server (VMSA-2015-0001) (POODLE)
2015-02-03 00:00:00
openSUSE Security Update : openssl (openSUSE-SU-2014:1426-1) (POODLE)
2014-11-17 00:00:00
OpenSSL < 0.9.8zc / < 1.0.0o / < 1.0.1j Multiple Vulnerabilities
2014-10-16 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:23.openssl
2014-10-21 00:00:00
slackware
slackware
[slackware-security] openssl
2014-10-15 17:58:22
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-10-15 00:00:00
archlinux
archlinux
openssl: denial of service / man-in-the-middle / poodle mitigation
2014-10-16 00:00:00
kaspersky
kaspersky
KLA10359 Vulnerability in Tableau
2014-07-18 00:00:00
KLA10452 Multiple vulnerabilities in VMware products
2015-01-27 00:00:00
debian
debian
[SECURITY] [DSA 3053-1] openssl security update
2014-10-16 15:48:24
[SECURITY] [DLA 81-1] openssl security update
2014-11-01 15:49:46
osv
osv
openssl - security update
2014-10-16 00:00:00
openssl - security update
2014-11-01 00:00:00
amazon
amazon
Important: openssl
2014-10-15 16:14:00
aix
aix
AIX OpenSSL Denial of Service due to memory leak in DTLS / AIX OpenSSL Patch to mitigate CVE-2014-3566 / AIX OpenSSL Denial of Service due to memory consumption
2014-10-29 04:58:52
centos
centos
openssl security update
2014-10-16 16:22:42
mageia
mageia
Updated openssl packages fix security vulnerabilities
2014-10-23 17:27:57
redhat
redhat
(RHSA-2014:1692) Important: openssl security update
2014-10-22 00:00:00
(RHSA-2014:1652) Important: openssl security update
2014-10-16 00:00:00
f5
f5
SOL15882 - TLS1.x padding vulnerability CVE-2014-8730
2014-12-08 00:00:00
SOL15702 - SSLv3 vulnerability CVE-2014-3566
2014-10-14 00:00:00
K15882 : TLS1.x padding vulnerability CVE-2014-8730
2015-09-25 00:00:00
nvd
nvd
CVE-2014-8730
2014-12-10 00:59:01
CVE-2014-6145
2014-12-12 11:59:02
lenovo
lenovo
POODLE: SSLv3 Vulnerability - Lenovo Support US
2016-07-22 00:00:00
POODLE: SSLv3 Vulnerability
2016-07-22 00:00:00
cvelist
cvelist
CVE-2014-8730
2014-12-10 00:00:00
cisco
cisco
SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability
2014-12-11 19:21:05
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-10-16 00:00:00
prion
prion
Code injection
2014-12-10 00:59:00
cve
cve
CVE-2014-8730
2014-12-10 00:59:01
vmware
vmware
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
2015-01-27 00:00:00
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
2015-01-27 00:00:00
fortinet
fortinet
CVE-2014-8730 "Poodle for TLS" vulnerability
2014-12-18 00:00:00
threatpost
threatpost
Two Cisco Products Vulnerable to POODLE Attack on TLS
2014-12-16 09:10:44

0.975 High

EPSS

Percentile

100.0%

JSON
Related for 858AE0814B0606CAAD401114471EC230976E8E9BB8C23DEF159F31D3F5DBB1CE
ibm96securityvulns5openvas22suse7nessus37freebsd_advisory1slackware1freebsd1archlinux1kaspersky2debian2osv2amazon1aix1centos1mageia1redhat2f53nvd2lenovo2cvelist1cisco1ubuntu1prion1cve1vmware2fortinet1threatpost1