IBM Security Bulletin: Vulnerability in RC4 stream cipher affects GPFS V3.5 for Windows (CVE-2015-2808) / Enabling weak cipher suites for IBM General Parallel File System is NOT recommended
|
System information
|
|
|
Affected software |
IBM |
Description
|
The RC4 “Bar Mitzvah” Attack for SSL/TLS affects OpenSSH for GPFS V3.5 for Windows. Additionally, with the recent attention to RC4 “Bar Mitzvah” Attack for SSL/TLS, this is a reminder to NOT enable weak or export-level cipher suites for IBM General Parallel File System (GPFS). CVE(s): CVE-2015-2808 Affected product(s) and affected version(s): OpenSSH for GPFS V3.5 for Windows Refer to the following reference URLs for remediation and additional vulnerability
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_rc4_stream_cipher_affects_gpfs_v3_5_for_windows_cve_2015_2808_enabling_weak_cipher_suites_for_ibm_general_parallel_file_system_is_not_recommended?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2015-2808. |