A denial of service vulnerability (CVE-2016-8106) has been discovered in 40-GbE network interface modules for the IBM QRadar Network Security XGS 7100 appliance.
CVEID: CVE-2016-8106**
DESCRIPTION:** Intel Ethernet Controller X710/XL710 is vulnerable to a denial of service, caused by improper handling of certain network traffic. By sending specially-crafted network traffic, a remote attacker could exploit this vulnerability to cause the system to stop responding.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120415 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
IBM QRadar Network Security XGS 7100 firmware version 5.4 with 40-GbE network interface modules
Product
| VRMF| Remediation/First Fix
—|—|—
IBM QRadar Network Security XGS 7100| Firmware version 5.4| Download Platform Hardware Diagnostics NVM Tool 1.1.1.3 from IBM Security License Key and Download Center, follow the instructions in the readme file, and update the firmware of 40-GbE network interface modules.
None