Number: AV17-108
Date: 21 July 2017
Purpose
The purpose of this advisory is to bring attention to an IBM Cisco security update.
Assessment
IBM Cisco released multiple security updates to address vulnerabilities (critical) in the following products:
- IBM Cisco DCNM Software Versions: DCNM 10.1(1), DCNM 10.1(2)
CVE References: CVE-2017-6639, CVE-2017-6640
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly
References:
- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-cisco-mds-series-switches-dcnm-is-affected-by-unauthenticated-remote-attacker-vulnerability-cve-2017-6639-cve-2017-6640
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-dcnm2