Flowmon is aware of Intel® Server Platform Services vulnerabilities. We have diligently worked on an update for the affected Flowmon appliances (see the list below). Firmware update for the affected appliances is now available on our support portal as a hotfix package. We recommend our customers to install the hotfix package. Flowmon appliance will be rebooted after applying the hotfix. Hotfix won’t be installed on non-affected appliances. The hotfix will be also the integral part of the next Flowmon update.



Impacted were following appliances delivered between June 2016 and December 2017:

  • IFP-1000-CU

  • IFP-2000-CU

  • IFP-4000-CU

  • IFP-4000-SFP

  • IFP-6000-SFP

  • IFP-10000-SFP+

  • IFP-20000-SFP+

  • IFC-R5-1000

  • IFC-R5-2000

References

Intel Security Advisory (INTEL-SA-00086)  https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Intel® Server Platform Services 4.0.x.x: CVE-2017-5706. CVE-2017-5709