6.7 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
72.2%
The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.
www-01.ibm.com/support/docview.wss?uid=swg21591272
www.ibm.com/support/docview.wss?uid=swg1IO15761
www.ibm.com/support/docview.wss?uid=swg1IO16035
www.ibm.com/support/docview.wss?uid=swg1IO16036
www.securityfocus.com/bid/53043
www.securitytracker.com/id?1026939
exchange.xforce.ibmcloud.com/vulnerabilities/74303