Lucene search

K
ibmIBM2F7ADE520928E45BDECE0F1C3D8E8E07F934DF3F69918FC4829075AF2364237F
HistoryJun 23, 2020 - 8:41 a.m.

Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i (CVE-2009-3555)

2020-06-2308:41:14
www.ibm.com
12

0.003 Low

EPSS

Percentile

69.4%

Summary

Information about security vulnerabilities affecting IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i is published in the details below.

Vulnerability Details

CVEID:CVE-2009-3555
**DESCRIPTION:**Multiple implementations of the Transport Layer Security (TLS) protocol, including SSL, could provide weaker than expected security, caused by TLS handshake renegotiation. A remote attacker could exploit this vulnerability via man-in-the-middle techniques to inject data into the beginning of the application protocol stream to execute HTTP transactions, bypass authentication and possibly launch further attacks against the victim.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/54158 for the current score.
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

**Third Party Entry:**PSIRT-ADV0022327
**DESCRIPTION:**Created from Advisory: ADV0022327
CVSS Base score: 6.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

**Third Party Entry:**PSIRT-ADV0022328
**DESCRIPTION:**Created from Advisory: ADV0022328
CVSS Base score: 8.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Products and Versions

Affected Product(s) Version(s)
Netcool/OMNIbus Integrations Probe for Network Node Manager i nco-p-hp-nnm-1_0 up to and including nco-p-hp-nnm-3_0

Remediation/Fixes

Affected Product(s) Version(s)
Netcool/OMNIbus Integrations Probe for Network Node Manager i nco-p-hp-nnm-4_0

Workarounds and Mitigations

None

CPENameOperatorVersion
tivoli netcool/omnibuseq8.1.0