Lucene search

K
cvelistIbmCVELIST:CVE-2012-2191
HistoryAug 08, 2012 - 10:00 a.m.

CVE-2012-2191

2012-08-0810:00:00
ibm
www.cve.org

6.8 Medium

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows remote attackers to cause a denial of service (application crash) via crafted values in the TLS Record Layer, a different vulnerability than CVE-2012-2333.