IBM Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Analytic Server (CVE-2015-4000)
|
System information
|
|
|
Affected software |
IBM |
Description
|
Vulnerabilities in SSL/TLS protocol during key exchange phase using Diffie-Hellman (DH) ciphersuite, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Analytic Server. CVE(s): CVE-2015-4000 Affected product(s) and affected version(s): IBM SPSS Analytic Server 1.0.1 IBM SPSS Analytic Server 2.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_dh_key_exchange_protocol_vulnerability_logjam_in_ibm_java_sdk_affects_ibm_spss_analytic_server_cve_2015_4000?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2015-4000. |