Security Bulletin: IBM Security Access Manager for Web v8.0 Front End Load Balancer susceptible to Heartbleed vulnerability (CVE-2014-0160)
IBM PSIRT 270004PFE3 email@example.com | | Tags:  psirthigh psirtsecurity
0 Comments | 840 Visits
IBM Security Access Manager (ISAM) for Web v8.0 introduced a layer 7 front end load balancer. The SSL framework used by this component exposes the 'heartbeat' TLS extension implemented through an older version of OpenSSL and is therefore susceptible to the Heartbleed vulnerability.
ISAM for Web v8.0, firmware versions 22.214.171.124 and 126.96.36.199
Refer to the following reference URLs for remediation and additional vulnerability details: