A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This v
|
System information
|
|
|
Affected software |
IBM |
Description
|
Multiple security vulnerabilities. CVE(s): CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792 and CVE-2014-8176 Affected product(s) and affected version(s): AIX 5.3, 6.1 and 7.1 VIOS 2.2.* Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc X-Force Database: http://exchange.xforce.ibmcloud.com/vulnerabilities/103294 X-Force
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/a_vulnerability_in_the_tls_protocol_allows_a_man_in_the_middle_attacker_to_downgrade_vulnerable_tls_connections_using_ephemeral_diffie_hellman_key_exchange_to_512_bit_export_grade_cryptography_thi |
Standar resources
|
Property |
Value |
CVE |
|