5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
Information about security vulnerabilities affecting IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i is published in the details below.
CVEID:CVE-2009-3555
**DESCRIPTION:**Multiple implementations of the Transport Layer Security (TLS) protocol, including SSL, could provide weaker than expected security, caused by TLS handshake renegotiation. A remote attacker could exploit this vulnerability via man-in-the-middle techniques to inject data into the beginning of the application protocol stream to execute HTTP transactions, bypass authentication and possibly launch further attacks against the victim.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/54158 for the current score.
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
**Third Party Entry:**PSIRT-ADV0022327
**DESCRIPTION:**Created from Advisory: ADV0022327
CVSS Base score: 6.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
**Third Party Entry:**PSIRT-ADV0022328
**DESCRIPTION:**Created from Advisory: ADV0022328
CVSS Base score: 8.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Affected Product(s) | Version(s) |
---|---|
Netcool/OMNIbus Integrations Probe for Network Node Manager i | nco-p-hp-nnm-1_0 up to and including nco-p-hp-nnm-3_0 |
Affected Product(s) | Version(s) |
---|---|
Netcool/OMNIbus Integrations Probe for Network Node Manager i | nco-p-hp-nnm-4_0 |
None
CPE | Name | Operator | Version |
---|---|---|---|
tivoli netcool/omnibus | eq | 8.1.0 |