Is IBM Security Guardium vulnerable to CVE-2016-5387 and CVE-2016-5388?

Question & Answer

Question

Answer

For CVE-2016-5387: Guardium does not use the Apache HTTPD server with the Guardium appliance in v8.2, v9 or v10.
For CVE-2016-5388: By Guardium configuration, the CGIServlet is disabled.

So Guardium appliance is not vulnerable to CVE-2016-5387 and CVE-2016-5388.

Related Information

CVE-2016-5387 details (non IBM link)

CVE-2016-5388 details (non IBM link)

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Appliances","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.0;10.1;8.2;9.0;9.1;9.5","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

Is IBM Security Guardium vulnerable to CVE-2016-5387 and CVE-2016-5388?

Question & Answer

Question

Answer

Related Information

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?