IBM Security Bulletin: An OpenSSL vulnerability could affect IBM Performance Management products (CVE-2016-2183)

Oct 4, 2018 9:02 am EDT

Categorized: Low Severity

OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
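
To check whether an endpoint or configuration still lists the DES/3DES suites this bulletin concerns, the following added example (not IBM's or OpenSSL's code) flags them in a list of cipher suite names. The function names and the sample list are assumptions made for illustration; it recognises both OpenSSL-style and IANA-style names and matches only the DES family named above.

```python
import re
import ssl

# Tokens that mark a 64-bit-block DES-family cipher in a suite name.
# OpenSSL writes 3DES as "DES-CBC3"; IANA names write it as "3DES_EDE".
TRIPLE_DES_TOKENS = {"3DES", "CBC3"}
SINGLE_DES_TOKENS = {"DES", "DES40"}


def classify(suite_name):
    """Return "3DES", "DES" or None for one OpenSSL- or IANA-style suite name."""
    tokens = set(re.split(r"[-_]", suite_name.upper()))
    if tokens & TRIPLE_DES_TOKENS:
        return "3DES"
    if tokens & SINGLE_DES_TOKENS:
        return "DES"
    return None


def audit(suite_names):
    """Map each DES/3DES suite in the input to its cipher family."""
    flagged = {}
    for name in suite_names:
        family = classify(name)
        if family:
            flagged[name] = family
    return flagged


def local_default_suites():
    """Suites the local Python/OpenSSL build enables in a default client context."""
    return [c["name"] for c in ssl.create_default_context().get_ciphers()]


# Constructed sample: suite names as they might appear in a scanner report.
SAMPLE = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-DES-CBC3-SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "EDH-RSA-DES-CBC-SHA",
    "TLS_AES_256_GCM_SHA384",
]

if __name__ == "__main__":
    for name, family in audit(SAMPLE).items():
        print(f"{family:5} {name}")
    print("local default context:", audit(local_default_suites()) or "no DES/3DES suites")
```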

CVE(s): CVE-2016-2183

Affected product(s) and affected version(s):

IBM Monitoring 8.1.3
IBM Application Diagnostics 8.1.3
IBM Application Performance Management 8.1.3
IBM Application Performance Management Advanced 8.1.3
IBM Cloud Application Performance Management Base Private 8.1.4
IBM Cloud Application Performance Management Advanced Private 8.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10733835
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/116337



from IBM Product Security Incident Response Team https://ift.tt/2IEnaI2