Security Bulletin: IBM Security Access Manager for Web v8.0 Front End Load Balancer susceptible to Heartbleed vulnerability (CVE-2014-0160)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirtsecurity psirthigh
0 Comments | 940 Visits
IBM Security Access Manager (ISAM) for Web v8.0 introduced a layer 7 front end load balancer. The SSL framework used by this component exposes the 'heartbeat' TLS extension implemented through an older version of OpenSSL and is therefore susceptible to the Heartbleed vulnerability.
ISAM for Web v8.0, firmware versions 184.108.40.206 and 220.127.116.11
Refer to the following reference URLs for remediation and additional vulnerability details: