IBM Security Bulletin: SSL/TLS side channel timing vulnerability on WebSphere DataPower (CVE-2014-0852)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
DataPower appliances might be subject to side channel timing based attacks. CVE(s): CVE-2014-0852 Affected product(s) and affected version(s): Products: WebSphere DataPower SOA Appliances. Versions: All versions through 4.0.2.15, 5.0.0.17, 6.0.0.9, 6.0.1.5. Note that versions 7.0.0.0 and higher are not affected by this vulnerability. Hardware models: All platforms - 9004, 9005 and HS22 Blade. (9004 MTM - 9235-xxx; 9005 MTM - 7198 (1U) and 7199 (2U); HS22 - Integration Blade XI50B Type
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ssl_tls_side_channel_timing_vulnerability_on_websphere_datapower_cve_2014_0852?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-0852 ,CVE-2014-3069 ,CVE-2014-3020 and CVE-2014-0453. |