Security Bulletin: IBM Security Access Manager for Web v8.0 Front End Load Balancer susceptible to Heartbleed vulnerability (CVE-2014-0160)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirthigh psirtsecurity
0 Comments | 899 Visits
IBM Security Access Manager (ISAM) for Web v8.0 introduced a layer 7 front end load balancer. The SSL framework used by this component exposes the 'heartbeat' TLS extension implemented through an older version of OpenSSL and is therefore susceptible to the Heartbleed vulnerability.
ISAM for Web v8.0, firmware versions 18.104.22.168 and 22.214.171.124
Refer to the following reference URLs for remediation and additional vulnerability details: