Vulnerability Bulletins

IBM Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Tivoli Monitoring (CVE-2015-0138)

System information
   
Affected software IBM

Description
The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM® Runtime Environment Java™ Technology Edition that is used by IBM Tivoli Monitoring (ITM). GSKit is an IBM component that is used by IBM Tivoli Monitoring. The GSKit that is shipped with IBM Tivoli Monitoring contains a security vulnerability for the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. ITM has addressed the CVE.

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_ibm_java_runtime_affects_ibm_tivoli_monitoring_cve_2015_0138?lang=en_us

Standar resources
Property Value
CVE CVE-2015-0138 ,CVE-2014-3569 ,CVE-2014-3570 ,CVE-2014-3571 ,CVE-2014-3572 ,CVE-2014-8275 ,CVE-2015-0204 ,CVE-2015-0205 ,CVE-2015-0206 ,CVE-2015-0410 ,CVE-2014-6593 ,CVE-2015-0400 and CVE-2015-1349.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-20
Ministerio de Defensa
CNI
CCN
CCN-CERT