Vulnerability Bulletins

IBM Security Bulletin: Vulnerability in RC4 stream cipher affects Sterling Secure Proxy (CVE-2015-2808)

System information
   
Affected software IBM

Description
The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Sterling Secure Proxy. CVE(s): CVE-2015-2808 Affected product(s) and affected version(s): Sterling Secure Proxy 3.4.2.0 through 3.4.2.0 iFix 1 Sterling Secure Proxy 3.4.1.0 through 3.4.1.8 iFix 6 Sterling Secure Proxy 3.4.0.0 through 3.4.0.4 iFix 6 Sterling Secure Proxy 3.3.1.0 through 3.3.1.23 iFix06 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_rc4_stream_cipher_affects_sterling_secure_proxy_cve_2015_2808?lang=en_us

Standar resources
Property Value
CVE CVE-2015-2808.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-24
Ministerio de Defensa
CNI
CCN
CCN-CERT