Three vulnerabilities in Threat Intelligence Exchange (TIE) Server have been discovered and resolved.
AFFECTED SOFTWARE
These vulnerabilities are remediated in these versions:
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10182, [Intel Security - Security Bulletin: Threat Intelligence Exchange server 1.3.0 update fixes a Linux Kernel Flaw (CVE-2016-0728) and two PostgreSQL vulnerabilities (CVE-2015-3165 and CVE-2015-3166)(https://kc.mcafee.com/corporate/index?page=content&id=SB10182)
AFFECTED SOFTWARE
- TIE Server 1.2.1 and earlier
These vulnerabilities are remediated in these versions:
- 1.3.0
- 2.0.0
- CVE-2016-0728 (CVSS: 6.7; Severity: Medium) Privilege Escalation
- CVE-2015-3165 (CVSS: 4.3; Severity: Medium) Denial of Service
- CVE-2015-3166 (CVSS: 3.1; Severity: Low) Information Leak / Disclosure
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10182, [Intel Security - Security Bulletin: Threat Intelligence Exchange server 1.3.0 update fixes a Linux Kernel Flaw (CVE-2016-0728) and two PostgreSQL vulnerabilities (CVE-2015-3165 and CVE-2015-3166)(https://kc.mcafee.com/corporate/index?page=content&id=SB10182)
