Boletines de Vulnerabilidades

IBM Security Bulletin: TLS padding vulnerability affects IBM Rational ClearQuest (CVE-2014-8730)

Información sobre el sistema
   
Software afectado IBM

Descripción
Transport Layer Security (TLS) padding vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) like attack affects IBM Rational ClearQuest. CVE(s): CVE-2014-8730 Affected product(s) and affected version(s): The vulnerable components are used by ClearQuest Web server when supporting SSL connections with IBM HTTP Server, and any ClearQuest deployments using LDAP authentication configured to use SSL connections. ClearQuest Status 8.0.1.x Affected

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_tls_padding_vulnerability_affects_ibm_rational_clearquest_cve_2014_8730?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-8730.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-12-28

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT