IBM Support

IV89792: SECURITY APAR CVE-2016-2927 OUT OF DATE ENCRYPTION ALGORITHMS USED IN IBM BIGFIX REMOTE CONTROL

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

APAR status

  • Closed as program error.

Error description

  • IBM BigFix Remote Control could allow a remote attacker to
    obtain sensitive information through man in the middle
    techniques due to using out of date encryption algorithms. IBM
    BigFix Remote Control has remediated this vulnerability.
    
    CVE ID: CVE-2016-2927
    

Local fix

  • not available
    

Problem summary

Problem conclusion

  • This fix is included in the IBM BigFix Remote Control 9.1.3
    application update.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV89792

  • Reported component name

    TIV EP MGR REM

  • Reported component ID

    5725C43RC

  • Reported release

    910

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-10-07

  • Closed date

    2016-10-11

  • Last modified date

    2016-10-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV EP MGR REM

  • Fixed component ID

    5725C43RC

Applicable component levels

  • R910 PSN

       UP



Document information

More support for: IBM BigFix family

Software version: 910

Reference #: IV89792

Modified date: 11 October 2016


Translate this page: