Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMEBBB62C06CCD8A5887798B63CE5D162239938151BCA4EC6C7A87B5112240453D
HistoryJun 18, 2018 - 1:29 a.m.

Security Bulletin: Vulnerability in Python-httplib2 affects PowerKVM (CVE-2013-2037)

2018-06-1801:29:42
www.ibm.com
9

0.002 Low

EPSS

Percentile

52.9%

JSON

Summary

PowerKVM is affected by a vulnerability in python-httplib2. This vulnerability is now fixed.

Vulnerability Details

CVEID: CVE-2013-2037**
DESCRIPTION:** The python-httplib2 could allow a remote attacker to obtain sensitive information, caused by the improper validation of https certificates. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/73490 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Affected Products and Versions

PowerKVM 2.1

Remediation/Fixes

Fix is made available via Fix Central (https://ibm.biz/BdEnT8) in 2.1.1 Build 65.1 and all later 2.1.1 SP3 service builds and 2.1.1 fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README&gt; for prerequisite fixes and instructions. Customers can also update from 2.1.1 (GA and later levels) by using “yum update”.

Workarounds and Mitigations

None

CPENameOperatorVersion
powerkvmeq2.1

Related

nessus 3
debiancve 1
github 1
cve 1
openvas 3
prion 1
nvd 1
ubuntucve 1
securityvulns 2
fedora 1
osv 1
cvelist 1
ubuntu 1
nessus
nessus
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : python-httplib2 vulnerability (USN-1948-1)
2013-09-10 00:00:00
Fedora 22 : python-httplib2-0.9-6.fc22 (2015-5503)
2015-04-22 00:00:00
Mandriva Linux Security Advisory : python-httplib2 (MDVSA-2013:168)
2013-05-28 00:00:00
debiancve
debiancve
CVE-2013-2037
2014-01-18 21:55:03
github
github
httplib2 incorrectly checks SSL certificate
2022-05-14 01:52:01
cve
cve
CVE-2013-2037
2014-01-18 21:55:03
openvas
openvas
Ubuntu Update for python-httplib2 USN-1948-1
2013-09-12 00:00:00
Fedora Update for python-httplib2 FEDORA-2015-5503
2015-07-07 00:00:00
Ubuntu: Security Advisory (USN-1948-1)
2013-09-12 00:00:00
prion
prion
Code injection
2014-01-18 21:55:00
nvd
nvd
CVE-2013-2037
2014-01-18 21:55:03
ubuntucve
ubuntucve
CVE-2013-2037
2013-05-02 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:168 ] python-httplib2
2013-06-05 00:00:00
python-httplib insufficient certificate validation
2013-06-05 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: python-httplib2-0.9-6.fc22
2015-04-21 18:26:58
osv
osv
PYSEC-2014-81
2014-01-18 21:55:00
cvelist
cvelist
CVE-2013-2037
2014-01-18 21:00:00
ubuntu
ubuntu
httplib2 vulnerability
2013-09-09 00:00:00

0.002 Low

EPSS

Percentile

52.9%

JSON
Related for EBBB62C06CCD8A5887798B63CE5D162239938151BCA4EC6C7A87B5112240453D
nessus3debiancve1github1cve1openvas3prion1nvd1ubuntucve1securityvulns2fedora1osv1cvelist1ubuntu1