## Summary
The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Sterling Connect:Direct for UNIX.
## Vulnerability Details
**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as the "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
IBM Sterling Connect:Direct for Unix 4.2.0
IBM Sterling Connect:Direct for Unix 4.1.0
IBM Sterling Connect:Direct for Unix 4.0.0
## Remediation/Fixes
IBM Sterling Connect:Direct for UNIX by default disables the RC4 stream cipher. If you enabled the RC4 stream cipher you are exposed to the RC4 “Bar Mitzvah” Attack for SSL/TLS. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.
To disable RC4 stream ciphers, open the CD Secure+ Admin Tool and go through the list of node entries. For each entry, go to its TLS/SSL Protocol > TLS/SSL Options tab and remove any RC4 stream cipher from the list shown in the Enabled box.
You should verify that applying this configuration change does not cause any compatibility issues.
Note that the remaining available ciphers are generally CBC ciphers. CBC ciphers are vulnerable to [CVE-2011-3389](<https://vulners.com/cve/CVE-2011-3389>) (BEAST Attack). The previous recommendation for mitigating CVE-2011-3389 was to avoid CBC ciphers, but a fix that mitigates CVE-2011-3389 is now available. IBM therefore recommends applying the following fix in addition to disabling RC4 stream ciphers:

V.R.M.F| APAR| Remediation/First Fix
---|---|---
4.2.0| IT08276| Apply 4.2.0.2 iFix 020, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.2.0.2&platform=All&function=fixId&fixids=4.2.0.2*iFix020*&includeSupersedes=0>)
4.1.0| IT08276| Apply 4.1.0.4 iFix 048, available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+Connect%3ADirect+for+UNIX&release=4.1.0.4&platform=All&function=fixId&fixids=4.1.0.4*iFix048*&includeSupersedes=0>)
4.0.0| IT08276| Apply 4.0.00 Fix 137, available on [_IWM_](<https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=swg-SterlngLegacyreq>)
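
For the environment-wide review recommended above, the following added example (not IBM code and not part of the Secure+ tooling) sends a ClientHello that offers only RC4 cipher suites and reports whether the peer selects one or refuses the handshake. It assumes a listener that starts the TLS handshake immediately on connect; the function names and the sample replies are constructed for illustration.

```python
import os
import socket
import struct

# RC4 cipher suites and their code points, from the IANA TLS registry.
RC4_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0017: "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
    0x0018: "TLS_DH_anon_WITH_RC4_128_MD5",
    0xC002: "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
    0xC007: "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
    0xC00C: "TLS_ECDH_RSA_WITH_RC4_128_SHA",
    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
    0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA",
}
ALERTS = {40: "handshake_failure", 70: "protocol_version",
          71: "insufficient_security"}


def build_rc4_only_client_hello(random_bytes=None):
    """Return one TLS record holding a ClientHello that offers only RC4 suites."""
    random_bytes = random_bytes or os.urandom(32)
    suites = b"".join(struct.pack("!H", code) for code in sorted(RC4_SUITES))
    body = (
        bytes((3, 3))                        # client_version: TLS 1.2
        + random_bytes                       # 32-byte client random
        + b"\x00"                            # empty session_id
        + struct.pack("!H", len(suites)) + suites
        + b"\x01\x00"                        # one compression method: null
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    # Record-layer version 3.1 is the usual choice for a first ClientHello.
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def classify_reply(data):
    """Interpret the first TLS record sent in reply to the RC4-only hello.

    Returns ("rc4_accepted", suite), ("refused", alert) or ("inconclusive", why).
    """
    if len(data) < 5:
        return ("inconclusive", "short or empty reply")
    ctype, _major, _minor, length = struct.unpack("!BBBH", data[:5])
    record = data[5:5 + length]
    if len(record) < length:
        return ("inconclusive", "truncated record")
    if ctype == 0x15 and length >= 2:        # alert: level, description
        return ("refused", ALERTS.get(record[1], "alert %d" % record[1]))
    if ctype != 0x16 or len(record) < 4 or record[0] != 0x02:
        return ("inconclusive", "not a ServerHello")
    # ServerHello body: version(2) random(32) sid_len(1) sid suite(2) comp(1)
    body = record[4:]
    if len(body) < 35 or len(body) < 35 + body[34] + 2:
        return ("inconclusive", "truncated ServerHello")
    offset = 35 + body[34]
    suite = struct.unpack("!H", body[offset:offset + 2])[0]
    if suite in RC4_SUITES:
        return ("rc4_accepted", RC4_SUITES[suite])
    return ("inconclusive", "server chose suite 0x%04X, which was not offered" % suite)


def probe(host, port, timeout=5.0):
    """Send the RC4-only hello to host:port and classify the first reply record."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        conn.sendall(build_rc4_only_client_hello())
        try:
            while len(data) < 5 or len(data) < 5 + struct.unpack("!H", data[3:5])[0]:
                chunk = conn.recv(4096)
                if not chunk:
                    break
                data += chunk
        except OSError:                      # timeout or reset: use what arrived
            pass
    return classify_reply(data)


def sample_server_hello(suite):
    """Constructed ServerHello record selecting `suite` (test data, not a capture)."""
    body = bytes((3, 1)) + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


# Constructed fatal handshake_failure alert, as sent by a peer with RC4 disabled.
SAMPLE_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"

if __name__ == "__main__":
    print(classify_reply(sample_server_hello(0x0005)))
    print(classify_reply(SAMPLE_ALERT))
```

A `rc4_accepted` result means the endpoint still has an RC4 suite enabled; `refused` is the expected outcome once RC4 has been removed from the enabled list.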
## Workarounds and Mitigations
None
If using Internet Explorer, it\u2019s also important to have the appropriate Windows patch, as described here: <http://technet.microsoft.com/en-us/security/bulletin/ms12-006> In other words, if all users who access the system have up to date software, the connection to the system is not vulnerable to this attack. Consult Java and browser documentation for specific information regarding which patches should be applied or which version should be used.\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * <http://xforce.iss.net/xforce/xfdb/70069>\n\n## Related Information:\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www-304.ibm.com/connections/blogs/PSIRT/?lang=en_us>) \n \n \n\n\n## Acknowledgement\n\nNone \n \n\n\n## Change History\n\n10 September 2013: Original copy published \n06 December 2013: Added information regarding additional affected products \n10 January 2014: Added information regarding additional affected products and the feature to restrict to TLS 1.2.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\n**Note:** According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2022-05-16T16:03:13", "type": "ibm", "title": "Security Bulletin: IBM System x and Flex Systems Browser Exploit Against SSL/TLS (BEAST) Mitigations (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-05-16T16:03:13", "id": "30CDD497090F8940455238317492E01063AFC3CC537C3C8827026D302DFD0F4B", "href": "https://www.ibm.com/support/pages/node/863100", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:51:44", "description": "## Summary\n\nBrowser Exploit Against SSL/TLS (a.k.a. BEAST) vulnerability is observed. In TLS 1.0 and earlier, it is possible to predict the Initialization Vector (IV) of the block cipher encryption. This allows a man-in-the-middle attacker to guess the plaintext being encrypted. The affected products are in TLS 1.0 and earlier.\n\n## Vulnerability Details\n\n** Third Party Entry: **PSIRT-ADV0016851 \n** DESCRIPTION: ** \nCVSS Base score: 4.7 \nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nTNPM Wireline| 1.4.0 \nTNPM Wireline| 1.4.1 \nTNPM Wireline| 1.4.2 \nTNPM Wireline| 1.4.3 \nTNPM Wireline| 1.4.4 \nTNPM Wireline| 1.4.5 \n \n\n\n## Remediation/Fixes\n\nThis issue can be addressed by disabling TLS below version TLSv1.2 and just keep TLSv1.2 \n\n 1. 
Modify this file:\n\n\u2026/IBM/WebSphere/AppServer/products/sklm/config/SKLMConfig.properties \n \nLook for property \nTransportListener.ssl.protocols = SSL_TLS \nUpdate the property to have value TLSv1.2, as shown below: \nTransportListener.ssl.protocols=TLSv1.2 \n \nThis will only enable TLS version 1.2. \nSave the file\n\n 2. Log in to WAS Admin Console.\n\nSecurity > 'SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings > Quality of protection (QoP) settings'. \nWAS GUI - Security > SSL certificate and key management, and under Related Items, click SSL configurations. \nSelect each SSL Configuration described below, like NodeDefaultSSLSettings - Quality of protection (QoP) settings under Additional Properties \u2013 Protocol \u2013 select desired protocol: TLSv1.2 - Apply and Save.\n\n 3. Modify this file:\n\n.../IBM/WebSphere/AppServer/profiles/KLMProfile/properties/ssl.client.props \nLook for property \n'com.ibm.ssl.protocol' \n \nUpdate the property to have value TLSv1.2, as shown below: \ncom.ibm.ssl.protocol=TLSv1.2 \n \nSave the file\n\n 4. Restart WebSphere Server. \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-08-25T12:33:00", "type": "ibm", "title": "Security Bulletin: BEAST security vulnerability in IBM Tivoli Netcool Performance Manager for Wireline( CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2020-08-25T12:33:00", "id": "2E6D778793B990B68E72041D95DBC2B227927F08D97BCA9E118EC96F940B7A01", "href": "https://www.ibm.com/support/pages/node/6322533", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T17:57:26", "description": "## Summary\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. 
Customers can avoid the vulnerability by following workarounds recommended by IBM.\n\n## Vulnerability Details\n\n## Abstract\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. \nCustomers can avoid the vulnerability by following workarounds recommended by IBM. \n\n\n## Content\n\n**VULNERABILITY DETAILS:** \n\n\n**CVE ID:** CVE-2011-3389 \n\n**DESCRIPTION:**\n\nA potential vulnerability has been identified in older versions of the Transport Layer Security (TLS, formerly known as Secure Socket Layer or SSL) protocol that may be utilized by the Browser-Based Interface (BBI) feature in IBM Networking Operating System (NOS) (formerly known as BLADE Operating System). NOS runs on IBM System Networking Ethernet switches (as well as legacy Blade Network Technology (BNT) Ethernet switches). Because BBI is the only feature in NOS to use the TLS protocol as of the date of this bulletin, Customers who do not run BBI on their IBM Ethernet switches are not impacted by this vulnerability. It is possible that future NOS features could use TLS protocols; there are instructions on how to avoid the vulnerability in such situations in the \u201cWorkaround\u201d section below.\n\nThis attack against the TLS protocol is also known as BEAST, and it exploits the use of chained initialization vectors in early versions of the protocol. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt TLS sessions and obtain sensitive information such as user authentication cookies that could be further leveraged to obtain sensitive information such as account credentials. The attack does not require local network access or physical access to the network and is therefore remotely exploitable, but specialized knowledge and techniques are required to execute this attack. 
A successful exploit will not impact integrity or availability of transmitted data, but the confidentiality of network traffic may be affected, although the attacker would not be able to control what data are accessed.\n\nSSLv3 and TLS 1.0 are the older versions of this protocol that are susceptible to this vulnerability; newer versions of TLS \u2013 1.1 and 1.2 \u2013 are not. IBM NOS has supported TLS 1.1 and 1.2 since NOS version 6.7, but even these recent versions of NOS continue to support SSLv3 and TLS 1.0 as well. Therefore, even recent versions of NOS that support TLS 1.1 and 1.2 may be susceptible to this vulnerability if a user uses the switch to communicate with TLS peers that only support the older vulnerable versions of the protocol.\n\n**CVSS v2 Base Score:** 4.3 \n**CVSS Environmental Score*:** Undefined\n\n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**AFFECTED PRODUCTS AND VERSIONS:**\n\nThis vulnerability potentially affects all IBM System Networking Ethernet switches and legacy BNT Ethernet switches (including those used in IBM Flex Systems and IBM BladeCenter products). This includes versions and releases that are no longer in support.\n\n**REMEDIATION:**\n\nNone.\n\n**WORKAROUND:**\n\nCustomers can avoid this vulnerability altogether by not using the BBI feature on their IBM Ethernet switches; instead, customers would use Secure Shell (SSH) to administer the device via command line. IBM recommends that customers running versions of NOS that are older than NOS 6.7 not use BBI, as those versions of NOS do not support TLS 1.1 and 1.2. IBM recommends that customers running NOS 6.7 or later on their IBM Ethernet switches who want to continue using BBI do so to communicate only with Web browsers that also support TLS 1.1 and 1.2. 
Similarly, to the extent any future NOS features use the TLS protocol, IBM recommends that customers use those features only to communicate with TLS peers that also support TLS 1.1 and 1.2.\n\n**MITIGATION:**\n\nNone.\n\n \n**REFERENCES:**\n\n * [_Complete CVSS Guide_](<http://www.first.org/cvss/cvss-guide.html>)\n * [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>)\n * [X-Force Vulnerability Database](<http://xforce.iss.net/xforce/xfdb/70069>)\n \n**RELATED INFORMATION:** [_ IBM Secure Engineering Web Portal_](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY:**\n\n \n<October 10, 2013>: Original Copy Published.\n\n \n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. \n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in Transport Layer Security Protocol\n Used in IBM System Networking Ethernet Switches (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2023-04-14T14:32:25", "id": "5EFA13785CC30ADD58A09C8067C048A172DF46A415459750DB97A4B2E8C6095E", "href": "https://www.ibm.com/support/pages/node/863230", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:48:15", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Content Collector for SAP Applications.\n\n## Vulnerability Details\n\n**CVEID:** [**CVE-2015-2808**](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See [https://exchange.xforce.ibmcloud.com/vulnerabilities/101851](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Content Collector for SAP Applications 2.2 \n\nIBM Content Collector for SAP Applications 3.0\n\nIBM Content Collector for SAP Applications 4.0\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM Content Collector for SAP Applications| 2.2.0.2| HE12301| Apply JRE update JRE-6.0.16.3.IV70681+IV71888, which is available from Fix Central. \n \n**Note:** ICCSAP V2.2.0 has reached end of support, and is no longer available for download. \n \nFor IBM Content Collector for SAP Applications V3.0 and V4.0, follow the guidance in the **Workarounds and Mitigations** section below.\n\n \n \nYou should verify that applying this fix does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \nIn particular, consult the system documentation of your SAP software on how to disable the RC4 cipher there. \n\n## Workarounds and Mitigations\n\nThe simplest way to remediate this vulnerability is to configure for FIPS140-2, Suite B or SP800-131 standards because they do not use RC4 stream ciphers. 
For details about how to activate this configuration, see the topic \"Configuring Content Collector for SAP for US government security standards\" in IBM Knowledge Center: \n\n * For Content Collector for SAP V3.0: <http://www.ibm.com/support/knowledgecenter/SSRW2R_3.0.0/com.ibm.iccsap.doc/doc/s_government.dita>\n * For Content Collector for SAP V4.0: <http://www.ibm.com/support/knowledgecenter/SSRW2R_4.0.0/doc/s_government.dita>\n \nAlternatively, you can selectively disable the RC4 cipher for Java 7, which is used by IBM Content Collector for SAP Applications V3.0 and V4.0: \n\n * Edit the java.security file in <ICCSAP_HOME>/java/jre/lib/security and turn off RC4 by adding \njdk.tls.disabledAlgorithms=SSLv3,RC4 \n \nFor IBM Content Collector for SAP Applications V4.0: \n\n * If you use the bundled version of WebSphere Application Server, follow the guidance in [Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) \n\n * If you use the bundled version of IBM\u00ae DB2\u00ae LUW, follow the guidance in [Security Bulletin: Vulnerability in RC4 stream cipher affects IBM\u00ae DB2\u00ae LUW (CVE-2015-2808)](<http://www-01.ibm.com/support/docview.wss?uid=swg21717865>). \n\n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-17T12:10:59", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Content Collector for SAP Applications (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T12:10:59", "id": "F4E65AC5DB3551A22803D01DA8C5EB6C6BAABCDEEB925820962D535E6FA7AA12", "href": "https://www.ibm.com/support/pages/node/262583", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:38:24", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Rational DOORS Web Access. \n\n## Vulnerability Details\n\nRational DOORS Web Access is affected by the following vulnerabilities disclosed in and corrected by the JRE critical patch updates: \n\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nRational DOORS Web Access version 9.6.1.x, 9.6.0.x, 9.5.2.x, 9.5.1.x, 9.5.0.x, 1.5.0.x, 1.4.0.x\n\n## Remediation/Fixes\n\nThe only solution is to upgrade the JRE. You can upgrade the JRE after installing Rational DOORS Web Access. \n\nTo obtain the updated version of the IBM JRE, [_contact IBM Support_](<https://www-947.ibm.com/support/servicerequest/Home.action?category=2>). Support can help identify the latest JRE that is compatible with your operating system and platform. Publicly available versions of the Oracle JRE are not supported with Rational DOORS Web Access.\n\n \n \nThe following table presents Rational DOORS Web Access versions and the compatible versions of IBM JRE. \n \n**Rational DOORS Web Access**| **IBM JRE** \n---|--- \n1.4.0.x| 6.0.16.3 \n1.5.0.x| 6.0.16.3 \n9.5.0.x| 6.0.16.3 \n9.5.1.x| 6.0.16.3 \n9.5.2.x| 6.0.16.3 \n9.6.0.x| See \"Workarounds and Mitigations\" \n9.6.1.x| See \"Workarounds and Mitigations\" \nTo install the updated JRE in Rational DOORS Web Access, review the help topic: \n[Upgrading the Rational DOORS Web Access JRE](<http://www.ibm.com/support/knowledgecenter/SSYQBZ_9.6.0/com.ibm.doors.install.doc/topics//t_upgrading_dwa_jre.html>)\n\n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n \n_For versions for Rational DOORS Web Access that are earlier than version 1.4.0.x, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nFor Rational DOORS Web Access versions 1.4.0.x - 9.5.2.x, upgrade the JRE, as described in \"Remediations/Fixes\". \n\nFor versions 9.6.0.x - 9.6.1.x, disable the RC4 cipher suite in your Java 7 installation: \n1\\. Open the following file in a text editor: `jre/lib/security/java.security` \n2\\. Add RC4 to `jdk.tls.disabledAlgorithms`\n\n \nFor example: \n` \njdk.tls.disabledAlgorithms=SSLv3, RC4, D5, SHA1, RSA keySize < 1024 \n` \nThe minimum entries that are required for the POODLE and Bar Mitzvah vulnerabilities are the following: \n\n \n` \njdk.tls.disabledAlgorithms=SSLv3, RC4 \n` \n \nUsers who enabled SP800-131a for Rational DOORS Web Access are not affected. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2020-05-01T08:19:24", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational DOORS Web Access (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2020-05-01T08:19:24", "id": "3C1DE59A419F46B66A4E4DDAEC65BDCC256D9DD82067BADAF8246DE10A3AE64F", "href": "https://www.ibm.com/support/pages/node/261753", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:36", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM BladeCenter Advanced Management Module.\n\n## Vulnerability Details\n\n## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM BladeCenter Advanced Management Module.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/#/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nIBM BladeCenter Advanced Management Module Firmware versions v3.66K (BPET66K, BBET66K, BPEO66K) and previous versions are affected.\n\nThis applies to the following hardware products:\n\n * BladeCenter Advanced Management Module, Option 25R5778\n * BladeCenter T Advanced Management Module, Option 32R0835\n * IBM BladeCenter(TM)-E: Type 1881, 7967, 8677\n * IBM BladeCenter(TM)-H: Types 1886, 7989, 8852\n * IBM BladeCenter(TM)-HT: Types 8740, 8750\n * IBM BladeCenter(TM)-S: Types 1948, 7779, 8886\n * IBM BladeCenter(TM)-T: Types 8720, 8730\n\n## Remediation/Fixes:\n\nYou should verify applying this fix does not cause any compatibility issues.\n\nFix Central: <http://www-933.ibm.com/support/fixcentral/>\n\nProduct | Version \n---|--- \nBladeCenter Advanced Management Module \u2014 IBM BladeCenter T Chassis | Update to v3.66N (BBET66N) \nBladeCenter Advanced Management Module \u2014 BladeCenter OEM Chassis | Update to v3.66N (BPEO66N) \nBladeCenter Advanced Management Module \u2014 All other IBM BladeCenter Chassis | Update to v3.66N (BPET66N) \n \n## Workaround(s) & Mitigation(s):\n\nNone\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * [OpenSSL Project vulnerability website](<http://www.openssl.org/news/vulnerabilities.html>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n30 April 2015: Original Copy 
Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:45:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM BladeCenter Advanced Management Module (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:45:01", "id": "8198E97AE083DDBA31003F2C6968297427DF569497350A3FFEB888A4B0C4EC48", "href": "https://www.ibm.com/support/pages/node/866560", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T05:55:53", "description": "## Summary\n\nA weak cipher is available for TLS and SSL connections used by IBM API Connect.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM API Connect V5.0.0.0 - V5.0.6.1\n\n## Remediation/Fixes\n\nThe issue is resolved by APAR LI79525 in IBM API Connect [V5.0.6.2](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.6.2&platform=All&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-15T07:07:35", "type": "ibm", "title": "Security Bulletin: Weak Cipher available in IBM API Connect (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:07:35", "id": "834DC5A8449DFEED5F26C4B6BC084254D5384FAE17158CC4D42A9531AD284C66", "href": 
"https://www.ibm.com/support/pages/node/561383", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d attack for SSL/TLS affects IBM WebSphere Application Server that is used by WebSphere Lombardi Edition (WLE) and IBM Business Process Manager.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n * IBM Business Process Manager V7.5.x through V8.5.6.0\n * WebSphere Lombardi Edition V7.2.0.x\n \n \n_For earlier unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Remediation/Fixes\n\nPlease consult the security bulletin [_Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details and information about fixes. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:56", "id": "32C184B7AD6EDED2AF74EDBAFA0BD1F7B5DC8B659D8C4035079B542325469AD7", "href": "https://www.ibm.com/support/pages/node/261469", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:28", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware.\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nIBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware versions 9.1.0.xx, 9.1.1.xx, 9.1.2.xx, and 9.1.3.xx.\n\n## Remediation/Fixes\n\nFirmware updates are available at IBM Fix Central: <http://www.ibm.com/support/fixcentral/>.\n\nIt is recommended to apply the following fix for IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru Firmware: qlgc_fw_flex_9.1.5.03.00_anyos_noarch version 9.1.5.03.00 (or a later version).\n\n## Workarounds and Mitigations\n\nNone.\n\n## Reference\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n[Subscribe to Security Bulletins](<http://www.ibm.com/support/mynotifications/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n05 May 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:55:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru firmware. (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:55:01", "id": "AEA9186AAE3F26B06583CD167C84248C6540B24189EEC7058E5A70A44891CC48", "href": "https://www.ibm.com/support/pages/node/867376", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:39:04", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Application Developer for WebSphere Software.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** 
The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nRational Application Developer 9.1.1 and earlier\n\n## Remediation/Fixes\n\nUpdate the Java Development Kit of the product to address this vulnerability: \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nRational Application Developer| 8.0| PI38888| \n\n * Apply [IBM SDK Java Technology Edition Critical Patch Update - \"RC4 Bar Mitzvah Attack for SSL/TLS\"](<http://www.ibm.com/support/docview.wss?uid=swg24039857>) \nRational Application Developer| 8.5 through 9.1.1| PI38888| \n\n * For all versions, apply [IBM SDK Java Technology Edition Critical Patch Update - April 2015, RC4 Bar Mitzvah Attack for SSL/TLS, and Logjam vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg24040408>).\n * For WebSphere Application Server, see [Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21701503>) \nRational Application Developer| 9.1 through to 9.1.1| PI38888| \n\n * For all versions, apply [IBM SDK Java Technology Edition Critical Patch Update - April 2015, RC4 Bar Mitzvah Attack for SSL/TLS, and Logjam 
vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg24040408>).\n * For Cordova, Apply [IBM SDK for Node.js 1.1.0.14](<http://www.ibm.com/developerworks/web/nodesdk/>) to the Cordova platform in the product. \n \nInstallation instructions for applying the update to the Cordova platform in the product can be found here: \n \n[Upgrading the IBM SDK for Node.js used by Cordova](<http://www.ibm.com/support/docview.wss?uid=swg21684946>) \nRational Build Utility| 8.0| PI38888| \n\n * Apply [IBM SDK Java Technology Edition Critical Patch Update - \"RC4 Bar Mitzvah Attack for SSL/TLS\"](<http://www.ibm.com/support/docview.wss?uid=swg24039857>) \nRational Build Utility| 8.5 through to 9.1.1| PI38888| \n\n * For use on Windows or Linux: apply [IBM SDK Java Technology Edition Critical Patch Update - April 2015, RC4 Bar Mitzvah Attack for SSL/TLS, and Logjam vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg24040408>).\n * For use on System z:\n * Version 8.5, 9.0 and 9.1: Apply the latest [Java Technology Edition, V7.0.0](<http://www-03.ibm.com/systems/z/os/zos/tools/java/>). \nRational Agent Controller| 7.0 through to 9.1.1| PI38888| \n\n * Apply [Rational Agent Controller FixPack 2 (9.1.1.2) for 9.1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24040414>) \n \n## Workarounds and Mitigations\n\nIf you are using any of the following products: \n\n\n * Rational Agent Controller versions 8.3.5, 8.3.6, 9.0, 9.1\n * Rational Application Developer for WebSphere Software versions 8.5, 9.0, and 9.1\n * Rational Build Utility versions 8.5, 9.0, and 9.1\n \nthen the following steps can be used to remove RC4 from the list of available algorithms: \n \n1\\. Ensure the product is not running. \n \n2\\. 
Locate the java.security file used by the product: \n\n\nRational Agent Controller: _install folder_/AgentController/jre/lib/security/java.security \nRational Application Developer for WebSphere Software: _install folder_/jdk/jre/lib/security/java.security \nRational Build Utility: _install folder_/jdk/jre/lib/security/java.security \n3\\. Edit the java.security file with a text editor and locate the line: \n\n\njdk.tls.disabledAlgorithms=SSLv3 \n \n4\\. Add RC4 to the list of disabled algorithms; For example: \n\n\njdk.tls.disabledAlgorithms=SSLv3, RC4 \n \n5\\. Save the file and restart the product. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2020-02-05T00:09:48", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Application Developer for WebSphere Software (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2020-02-05T00:09:48", "id": "B337019A876E3EE0E7052D2F918C3C08F3161254BAE357DA67B570E349570C0D", "href": "https://www.ibm.com/support/pages/node/261219", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": 
"2023-02-21T01:52:29", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Cognos Mobile app on Android.\n\n## Vulnerability Details\n\n**CVEID**: [CVE-2015-2808](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2808>) \n**DESCRIPTION**: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Mobile app on Android version 10.2.2.1.1 and earlier\n\n## Remediation/Fixes\n\nThe recommended solution is to update the app to the latest version as soon as practical. \n \nThe fix has been released as part of the IBM Cognos Mobile app on Android version 10.2.2.1.2 [](<https://play.google.com/store/apps/details?id=com.ibm.cogmob.artoo>) \n<https://play.google.com/store/apps/details?id=com.ibm.cogmob.artoo> \n \nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone known. 
Update the app\n\n## ", "cvss3": {}, "published": "2018-06-15T23:13:40", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Cognos Mobile app on Android (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T23:13:40", "id": "1DAE041F25466A8D147EB9622409BA9A37A230F6FB76AD4E091BED7B3A6CE8FB", "href": "https://www.ibm.com/support/pages/node/262671", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:40:41", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah Attack\" for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) affects z/TPF.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nz/TPF Enterprise Edition Version 1.1.11 and earlier\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nz/TPF| 1.1.11 and earlier| None| Do not use the RC4 algorithm in SSL sessions. See Workarounds and Mitigations. \n \n## Workarounds and Mitigations\n\nDisable the RC4 encryption algorithm from the OpenSSL library for z/TPF. To disable the RC4 encryption algorithm, complete the following steps: \n\n 1. Ensure that existing SSL applications are not set up to use the RC4 encryption algorithm. If they are, change the applications to use a more secure algorithm, such as AES-128.\n 2. Add the OPENSSL_NO_RC4 compiler option to the `cryp.mak` and `cssl.mak` files:\n * In the `cryp.mak` file, add the following statement: \n`CFLAGS_CRYP += -DOPENSSL_NO_RC4`\n * In the `cssl.mak` file, add the following statement: \n`CFLAGS_CSSL += -DOPENSSL_NO_RC4`\n 3. Remove or comment out the following source segments in the `cryp.mak` file: \n`#C_SRC += rc4_enc.c \n#C_SRC += rc4_skey.c`\n 4. Build the CRYP and CSSL shared objects by using `maketpf` with the force (`-f`) option.\n 5. Load the CRYP and CSSL shared objects to the z/TPF system again.\n 6. Recycle the shared SSL daemons (if defined) and restart all SSL applications.\n\n## ", "cvss3": {}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects z/TPF (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", 
"confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-08-03T04:23:43", "id": "54D8CEDBAC6FD9B41208009218D5BB60370978EE37D8959B1153B08392F7339A", "href": "https://www.ibm.com/support/pages/node/260843", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:51:39", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Tealeaf Customer Experience.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Tealeaf Customer Experience: v8.0-v9.0.1\n\n## Remediation/Fixes\n\nProduct \n\n| \n\nVRMF \n\n| \n\nRemediation/First Fix \n \n---|---|--- \n \nIBM Tealeaf Customer Experience\n\n| \n\n9.0.1A \n\n| PCA: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n9.0.1\n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n9.0.0, 9.0.0A \n\n| You can contact the [_Technical 
Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance. \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.8 \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.7 \n\n| `PCA: `[`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack>) \nTealeaf CX: [`https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9`](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9>) \n \nIBM Tealeaf Customer Experience \n\n| \n\n8.6 and earlier \n\n| You can contact the [_Technical Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance. \nFor v9.0.0, 9.0.0A, and versions before v8.7, IBM recommends upgrading to a later supported version of the product. \nYou should verify applying these fixes do not cause any compatibility issues. The fix disables RC4 stream cipher by default. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nPCA: In addition to applying the fix pack above, you must update the /opt/tealeaf/etc/httpd.conf file by: \n\n * adding (or changing if already present) a line beginning \"SSLProtocol\" so that it reads\n`SSLProtocol All -SSLv2 -SSLv3`\n * changing the line beginning \u201cSSLCipherSuite\u201d by replacing the string \u201cRC4+RSA\u201d with \u201c!RC4\u201d so that it reads:\n`SSLCipherSuite ALL:!ADH:!EXP:!RC4:+HIGH:+MEDIUM` \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-16T19:44:47", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Tealeaf Customer Experience (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T19:44:47", "id": "C5EAD94AFB25C0B3AC1232FF6BD674F833897104B75A6BC23442F602C49C49F7", "href": "https://www.ibm.com/support/pages/node/264891", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:50:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Tivoli/Security Directory Server.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to obtain sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n * IBM Tivoli Directory Server 6.0, 6.1, 6.2, 6.3\n * IBM Security Directory Server 6.3.1, 6.4\n\n## Remediation/Fixes\n\nAffected Releases\n\n| Fixes Available \n---|--- \nIBM Tivoli Directory Server 6.0| [6.0.0.73-ISS-ITDS-IF0074](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.0.0.74&platform=All&function=all>) \nIBM Tivoli Directory Server 6.1| [6.1.0.67-ISS-ITDS-IF0067](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.1.0.67&platform=All&function=all>) \nIBM Tivoli Directory Server 6.2| [6.2.0.43-ISS-ITDS-IF0043](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.2.0.43&platform=All&function=all>) \nIBM Tivoli Directory Server 6.3| [6.3.0.36-ISS-ITDS-IF0036](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Directory+Server&release=6.3.0.36&platform=All&function=all>) \nIBM Security Directory Server 6.3.1| [6.3.1.10-ISS-ISDS-IF0010](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.3.1.10&platform=All&function=all>) \nIBM Security Directory Server 6.4| [6.4.0.1-ISS-ISDS-IF0001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Directory+Server&release=6.4.0.1&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nFor each instance of the server, remove 
the following lines from the server configuration file at /home/<instance name>/<instance name>-idsldap/etc/**ibmslapd.conf, **and restart the server. \n \n[under dn: cn=SSL,cn=Configuration] \nibm-slapdSslCipherSpec: RC4-128-MD5 \nibm-slapdSslCipherSpec: RC4-128-SHA \nibm-slapdSslCipherSpec: DES-56 \nibm-slapdSslCipherSpec: RC4-40-MD5 \nibm-slapdSslCipherSpec: RC2-40-MD5 \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-16T21:23:58", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Tivoli/Security Directory Server (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T21:23:58", "id": "1709290AEBE9A32DD527BD83623D24D35E893CA90E205405818A823706EDF26B", "href": "https://www.ibm.com/support/pages/node/262699", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:48", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects OpenPages GRC Platform with Application Server.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nOpenPages GRC Platform with Application Server 6.2.0, 6.2.1, 7.0 (embedded application server versions)\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nThe embedded application server can be reconfigured to only accept known good ciphers and avoid this issue. Please note that this remediation changes the list of cipher suites accepted by the application server. As a result, there is a chance SSL connectivity issues could arise in your environment. While no issues have been found in internal testing, we encourage you to test this configuration on a test system in your environment prior to using it in production. \n\nMitigation Steps:\n\n 1. Stop all servers. For details on stopping services, see the \u201cStarting and Stopping Servers\u201d chapter in the _IBM\u00ae OpenPages\u00ae GRC Platform Administrator\u2019s Guide._\n 2. Log in to the Windows console of the primary application server as an administrator.\n 3. Launch regedit.exe\n 4. Navigate to HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\OpenPagesAdminServer\\Parameters\n 5. Right-click on the Parameters key and select Export.\n 6. 
Create a backup directory (you will be repeating this export with other keys).\n 7. Save the export as OpenPagesAdminServer\n 8. Select the current value for CmdLine\n 9. Paste it into a text editor such as Notepad\n 10. Move to the very end of the string and you will find the text \"weblogic.Server\"\n 11. Insert the string \"-Dweblogic.security.SSL.protocolVersion=TLS1\" before \"weblogic.Server\". \n \nFor example, change: \n \n-Djava.security.policy=\"C:\\oracle\\middleware\\wlserver_10.3\\server\\lib\\weblogic.policy\" weblogic.Server \n \nto: \n \n-Djava.security.policy=\"C:\\oracle\\middleware\\wlserver_10.3\\server\\lib\\weblogic.policy\" **-Dweblogic.security.SSL.protocolVersion=TLS1** weblogic.Server \n \n\n 12. Copy the string from your editor and use it to replace the current contents of the CmdLine setting.\n 13. Navigate to HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\OpenPagesServer1\\Parameters\n 14. Right-click on the Parameters key and select Export.\n 15. Save the export as OpenPagesServer1 in the backup directory\n 16. Repeat steps 8 through 12 for this key.\n 17. If you have additional nodes installed (for example OpenPagesServer2) repeat the process of exporting and adding \"-Dweblogic.security.SSL.protocolVersion=TLS1\" for each node.\n 18. Repeat the process for the workflow servers by editing: \n\\- HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\InterstageBPMAdminServer\\Parameters \n\\- HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\InterstageBPMCS1\\Parameters \n\\- Any additional nodes installed (i.e. InterstageBPMCS2)\n 19. Close Registry Editor\n 20. Navigate to the file <OpenPages_Home>\\OpenPagesDomain\\config\\config.xml \n \n \nFor example: \n \nC:\\OpenPages\\OpenPagesDomain\\config\\config.xml \n \n\n 21. Make a backup copy of the file\n 22. Edit the file in Notepad or a similar text editor. \n 23. 
Locate the following section: \n \n<server> \n<name>OpenPagesAdminServer</name> \n<ssl> \n<name>OpenPagesAdminServer</name> \n<enabled>true</enabled> \n \n\n 24. Add the following below the <enabled>true</enabled> line: \n \n \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n<jsse-enabled>true</jsse-enabled> \n \n\n 25. Look further down the file for the section: \n \n \n<server> \n<name>_ServerName_-OpenPagesServer1</name> \n<max-message-size>2000000000</max-message-size> \n<ssl> \n<enabled>true</enabled> \n \n\n 26. Add the following below the <enabled>true</enabled> line: \n \n \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n \n\n 27. In the same <ssl> block, add <enabled>true</enabled> just before the closing </ssl>. Your <ssl> block should now look something like the following: \n \n \n<ssl> \n<enabled>true</enabled> \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n<listen-port>7010</listen-port> \n<server-private-key-alias>mystrongcert</server-private-key-alias> \n<server-private-key-pass-phrase-encrypted>{AES}123456abce=</server-private-key-pass-phrase-encrypted> \n<jsse-enabled>true</jsse-enabled> \n</ssl> \n \n \n\n 28. Make the same changes to any additional nodes you have configured. (i.e. _ServerName_-OpenPagesServer2)\n 29. Save and close config.xml\n 30. Navigate to the file <Fujitsu_Home>\\InterstageBPM\\IBPMDomain\\config\\config.xml \n \n \nFor example: \n \nC:\\Fujitsu\\InterstageBPM\\IBPMDomain\\config\\config.xml \n \n\n 31. Make a backup copy of the file\n 32. Edit the file in Notepad or a similar text editor. \n 33. Locate the following section: \n \n<server> \n<name>AdminServer</name> \n<ssl> \n<name>AdminServer</name> \n<enabled>true</enabled> \n \n\n 34. Add the following below the <enabled>true</enabled> line: \n \n \n \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n \n\n 35. In the same <ssl> block, add <enabled>true</enabled> just before the closing </ssl>. 
Your <ssl> block should now look like the following: \n \n \n<ssl> \n<enabled>true</enabled> \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n<listen-port>49902</listen-port> \n<jsse-enabled>true</jsse-enabled> \n</ssl> \n \n\n 36. Look further down the file for the section: \n \n \n<server> \n<name>_ServerName_-InterstageBPMCS1</name> \n<max-message-size>2000000000</max-message-size> \n<ssl> \n<enabled>true</enabled> \n \n\n 37. Add the following below the <enabled>true</enabled> line: \n \n \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n \n\n 38. In the same <ssl> block, add <enabled>true</enabled> just before the closing </ssl>. Your <ssl> block should now look something like the following: \n \n \n<ssl> \n<enabled>true</enabled> \n<ciphersuite>TLS_RSA_WITH_AES_128_CBC_SHA</ciphersuite> \n<listen-port>49952</listen-port> \n<jsse-enabled>true</jsse-enabled> \n</ssl> \n \n \n\n 39. Make the same changes to any additional nodes you have configured. (i.e. _ServerName_-InterstageBPMCS2)\n 40. Save and close config.xml\n 41. You may now restart services. \n 42. Once services restart, connect to the application via secure connection to validate that you can connect. 
\n \n\n \n \n \n\n\n## ", "cvss3": {}, "published": "2018-06-15T22:37:00", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects OpenPages GRC Platform with Application Server (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T22:37:00", "id": "ADC50833DE0A3D841EF5E4556B1E32AF2826952FD359D02B27840B2DAC3F23C7", "href": "https://www.ibm.com/support/pages/node/264153", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:03", "description": "## Summary\n\nThe RC4 Bar Mitzvah Attack for SSL/TLS affects IBM Systems Director Storage Control.\n\n## Vulnerability Details\n\n## Summary\n\nThe RC4 Bar Mitzvah Attack for SSL/TLS affects IBM Systems Director Storage Control.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack.\"\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:N)\n\n## Affected products and versions\n\nFrom the IBM System Director command line enter smcli lsver to determine the level of IBM Systems Director installed.\n\nAffected Product and Version(s) | Product and Version shipped as a component \n---|--- \nIBM Systems Director Storage Control 4.2.1.0 | IBM Systems Director 6.2.1.0 \nIBM Systems Director Storage Control 4.2.1.0 | IBM Systems Director 6.2.1.2 \nIBM Systems Director Storage Control 4.2.1.1 | IBM Systems Director 6.3.0.0 \nIBM Systems Director Storage Control 4.2.2.0 | IBM Systems Director 6.3.1.0 \nIBM Systems Director Storage Control 4.2.2.1 | IBM Systems Director 6.3.1.1 \nIBM Systems Director Storage Control 4.2.3.0 | IBM Systems Director 6.3.2.0 \nIBM Systems Director Storage Control 4.2.3.1 | IBM Systems Director 6.3.2.1 \nIBM Systems Director Storage Control 4.2.3.2 | IBM Systems Director 6.3.2.2 \nIBM Systems Director Storage Control 4.2.4.0 | IBM Systems Director 6.3.3.0 \nIBM Systems Director Storage Control 4.2.4.1 | IBM Systems Director 6.3.3.1 \nIBM Systems Director Storage Control 4.2.6.0 | IBM Systems Director 6.3.5.0 \nIBM Systems Director Storage Control 4.2.7.0 | IBM Systems Director 6.3.6.0 \n \n## Remediation/Fixes:\n\nFollow the instructions mentioned under <http://www-947.ibm.com/support/entry/portal/support/> and search for Tech note 746690234 to apply the fix.\n\n## Workarounds and Mitigations:\n\nNone\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** 
\n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n29 June 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Systems Director Storage Control (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T02:10:01", "id": "4735C8E6304811CA2B3351582F67C39E1B9E5F73904FCAFBACB30E3F11E60CDC", "href": "https://www.ibm.com/support/pages/node/867532", 
"cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:33", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM ToolsCenter.\n\n## Vulnerability Details\n\n## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM ToolsCenter.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/#/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\n * All ToolsCenter v9.xx releases\n\n## Remediation/Fixes:\n\nNone\n\n## Workaround(s) & Mitigation(s):\n\nDisable RC4 in the settings of the target managed endpoints (CMM or IMM).\n\nYou should verify applying the configuration changes do not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:45:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM ToolsCenter (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:45:01", "id": "C9B40655AE15CEBCF1084DE4473987D1F9C8D3CC052CA001CC3099FA7BAA1D2F", "href": "https://www.ibm.com/support/pages/node/866624", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:50:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business. \n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Tivoli Access Manager for e-business versions 6.0, 6.1, 6.1.1 \n\nIBM Security Access Manager for Web version 7.0 software\n\nIBM Security Access Manager for Web version 7.0 appliance, all firmware versions\n\nIBM Security Access Manager for Web version 8.0 appliance, all firmware versions \n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch. \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \n**Please note:** If you have configured the ciphers that are used in your environment, you might still be susceptible to the attack described above. Please review the 'Post-installation instructions' provided below the remediation table. 
\n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Tivoli Access Manager for e-business| 6.0 - \n6.0.0.38| IV73153| Apply the following interim fix: \n[6.0.0-ISS-TAM-IF0039](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.0.0&platform=All&function=all>) \nIBM Tivoli Access Manager for e-business| 6.1 - \n6.1.0.19| IV73153| Apply the following interim fix: \n[6.1.0-ISS-TAM-IF0020](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.0&platform=All&function=all>) \nIBM Tivoli Access Manager for e-business | 6.1.1 - \n6.1.1.17| IV73150 | Apply the following interim fix: \n[6.1.1-ISS-TAM-IF0018](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.1&platform=All&function=all>) \nIBM Security Access Manager for Web \n(software-installations)| 7.0 - \n7.0.0.13| IV73149 | Apply the following fix pack: \n[7.0.0-ISS-SAM-IF0014](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web \n(appliance-based)| 7.0 - \n7.0.0.12| IV73146| 1) Apply the following fix pack: \n[7.0.0-ISS-WGA-FP0012](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=Linux&function=all>)\n\n2) You can then apply the following interim fix:\n\n[7.0.0-ISS-WGA-IF0014](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=Linux&function=all>) \n \nIBM Security Access Manager for Web 
\n(appliance-based)| 7.0.0.12 \n7.0.0.13| IV73146| Apply the following interim fix: \n[7.0.0-ISS-WGA-IF0014](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=Linux&function=all>) \nIBM Security Access Manager for Web| 8.0 - \n8.0.1.1| IV73137| 1) Apply the following fix pack: \n[8.0.1-ISS-WGA-FP0002](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=Linux&function=all>) \n \n2) You can then apply the following interim fix: \n[8.0.1.2-ISS-WGA-IF0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=Linux&function=all>) \nIBM Security Access Manager for Web| 8.0.1.2| IV73137| Apply the following interim fix: \n \n[8.0.1.2-ISS-WGA-IF0003](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=Linux&function=all>) \n \nFor Tivoli Access Manager for e-business 5.1, IBM recommends upgrading to a fixed, supported version/release/platform of the product.\n\n**Post-installation instructions**\n\nAfter you have applied the interim fix packages described above, you need to review your environment to check whether your environment is configured to use RC4 ciphers.\n\nReview the details below to determine whether you need to update the configuration in your environment to avoid any exposure to this vulnerability: \n\nVulnerabilities have been identified in many of the available ciphers. Here is a list of the remaining ciphers that are not affected by these known vulnerabilities. These ciphers are stated in no particular order. You can use one or more of these ciphers as you work through the configuration details included in this tech note. 
\n\n \n \n**Table One: SSLv3, TLSv10, TLSv11 (GSKit 7 & GSKit 8)** \n \n**Long name** | **Cipher number** \n---|--- \nTLS_RSA_WITH_3DES_EDE_CBC_SHA| 0A \nTLS_RSA_WITH_AES_128_CBC_SHA| 2F \nTLS_RSA_WITH_AES_256_CBC_SHA| 35 \n \n \n**Table Two: TLSv12 (GSKit 8 only)** \n \n**Long name** \n--- \nTLS_RSA_WITH_AES_128_GCM_SHA256 \nTLS_RSA_WITH_AES_256_GCM_SHA384 \nTLS_RSA_WITH_AES_128_CBC_SHA256 \nTLS_RSA_WITH_AES_256_CBC_SHA256 \nTLS_RSA_WITH_AES_128_CBC_SHA \nTLS_RSA_WITH_AES_256_CBC_SHA \nTLS_RSA_WITH_3DES_EDE_CBC_SHA \nTLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA \nTLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA \nTLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 \nTLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 \nTLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 \nTLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 \nTLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \nTLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 \nTLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 \nTLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 \n \n**_Mitigation for all TAMeb versions and ISAM for Web 7.0 software version _** \n \n1). 
Download the latest version of GSKit, 7.0.5.6 or 8.0.50.42, for your currently installed TAMeb or ISAM version - \n\n * [**_IBM Security Access Manager for Web 7.0.0 (Software)_**](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=fixId&fixids=7.0.0-ISS-SAM-IF0011&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)** **\n * [**_Tivoli Access Manager for e-business 6.1.1_**](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.1.13&platform=All&function=fixId&fixids=6.1.1-ISS-TAM-IF0014&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)\n * [**_Tivoli Access Manager for e-business 6.1.0_**](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.0.16&platform=All&function=fixId&fixids=6.1.0-ISS-TAM-IF0017&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)** **\n * [**_Tivoli Access Manager for e-business 6.0.0_**](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.0.0.35&platform=All&function=fixId&fixids=6.0.0-ISS-TAM-IF0036&includeRequisites=1&includeSupersedes=0&downloadMethod=http>)** **\n \n2). Shutdown all running instances of WebSEAL on the machine for which these instructions are to be followed. \n \n3). 
**For all ISAM and TAMeb versions.** For all machines hosting WebSEAL if the following environment variables have been set \u2013 \n \nGSK_V2_CIPHER_SPECS \nGSK_V3_CIPHER_SPECS \n \nRemove all references of the following cipher numbers, which have known vulnerabilities \u2013 \n \n01 02 03 04 05 06 09 62 64 \n \n**Note:** You can configure your environment to use one or more of the ciphers listed in the tables at the start of this tech note. \n \n4). **For ISAM 7.0 only**. For each instance of WebSEAL, under the **[ssl]** stanza, remove all references to RC4 ciphers from both the **gsk_attr_name** and the **jct_gsk_attr_name** attributes: \n \nLong Name \n\\----------------------------------- \nTLS_RSA_WITH_RC4_128_SHA \nTLS_RSA_WITH_RC4_128_MD5 \nTLS_RSA_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT_WITH_RC4_40_MD5 \nTLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 \nTLS_RSA_EXPORT1024_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA \nTLS_RSA_WITH_NULL_SHA \nTLS_RSA_WITH_NULL_MD5 \nTLS_RSA_WITH_NULL_SHA256 \nTLS_ECDHE_RSA_WITH_NULL_SHA \nTLS_ECDHE_ECDSA_WITH_NULL_SHA \n \n**Note** \\- Any instance of the above ciphers should be removed. You can configure your environment to use one or more of the ciphers listed in the tables at the start of this tech note. \n \n5). Update the following Policy Server configuration files: **ldap.conf** and **activedir_ldap.conf**. Update the following configuration entries to ensure that there are no references to RC4 ciphers. \nConfigure the following entries to use one or more of the ciphers listed in the tables at the start of this tech note. 
\n \n[ldap] \nssl-tls-cipher-specs \ntls-v12-cipher-specs \n \n**Note:** Ensure that you remove any references to the following cipher numbers - \n \n01 02 03 04 05 06 09 62 64 \n \n[uraf-registry] \nssl-tls-cipher-specs \ntls-v12-cipher-specs \n \n**Note:** Ensure that you remove any references to the following ciphers: \n \nTLS_RSA_WITH_RC4_128_SHA \nTLS_RSA_WITH_RC4_128_MD5 \nTLS_RSA_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT_WITH_RC4_40_MD5 \nTLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 \nTLS_RSA_EXPORT1024_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA \nTLS_RSA_WITH_NULL_SHA \nTLS_RSA_WITH_NULL_MD5 \nTLS_RSA_WITH_NULL_SHA256 \nTLS_ECDHE_RSA_WITH_NULL_SHA \nTLS_ECDHE_ECDSA_WITH_NULL_SHA \n \n**Note**: For these updates to take effect, please restart your Policy Server. \n \n6). **For all TAMeb and ISAM versions.** For all instances of WebSEAL, if the GSKit environment variables have been correctly configured as outlined in step two above and the value of the **ssl-qop-mgmt** within the WebSEAL configuration file is currently set to \u201cNo\u201d or \u201cFalse\u201d then no additional actions are required; skip to Step 7. \n \nFor all instances of WebSEAL, if the **ssl-qop-mgmt** attribute is set to \u201cYes\u201d or \u201cTrue\u201d, configure the default configuration entries in the **[ssl-qop-mgmt-default]** stanza to ensure that you remove any vulnerable ciphers. **Note:** Do not use a setting of 'ALL'. \n \nEnsure that the following ciphers are **not** present in the configured ciphers: \n \ndefault = RC4-40 \ndefault = RC2-40 \ndefault = DES-56 \ndefault = DES-56-62 \ndefault = RC4-56 \ndefault = RC4-128 \ndefault = RC2-128 \n\n7). For all instances of WebSEAL, if not already done, set the following environment variable during the start up process for WebSEAL- \n \nGSK_STRICTCHECK_CBCPADBYTES = GSK_FALSE \n \n**Important** \\- If this environment variable is already set then it can remain in place. It should not have any effect on this mitigation plan. \n \n8). 
Upgrade to GSKit, 7.0.5.6 or 8.0.50.42, using the instructions provided in the readme of their respective releases. \n \n9). Restart all instances of WebSEAL.\n\n \n \n**_Mitigation for all ISAM for Web 7.0 and 8.0 appliance versions _** \n \n**Note:** It is important that you explicitly set values for all of these entries so that the default ciphers are not used. The list of default ciphers on the appliance includes some of the RC4 ciphers that are affected by this vulnerability. To mitigate this vulnerability, you must set all of the configuration entries that are described in the following steps. \n\n1). Update to the latest interim fixes for your product version - \n\n * [**_IBM Security Access Manager for Web 8.0.1.2 IF0002_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=All&function=all>)\n * [**_IBM Security Access Manager for Mobile 8.0.1.2 IF0002_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Security+Access+Manager+for+Mobile&release=8.0.1.0&platform=All&function=all>)\n * [**_IBM Security Access Manager for Web (WGA) 7.0.0 IF0014_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>)\n * [**_IBM Single Sign On for Bluemix v2 Identity Bridge 8.0.1.2 IF0002_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFix?product=ibm%2FTivoli%2FIBM+Single+Sign-On+for+Bluemix&fixids=8.0.1-ISS-SSOBluemix-IF0002&source=SAR&function=fixId&parent=Security%20Systems>)** **\n \n**Note:** Before applying the interim fixes, you must first ensure that you are running the latest fix pack level. \n2). Shut down all instances of the Reverse Proxy hosted by the appliance where these instructions are to be followed. \n \n3). 
For each instance of Reverse Proxy, open its configuration file using the following instructions: \n \n1\\. Select 'Secure Web Settings -> Reverse Proxy' from the menu bar; \n2\\. Select the Reverse Proxy instance; \n3\\. Select 'Manage -> Configuration -> Edit Configuration File' from the menu \n \n4). For each instance of Reverse Proxy, under the **[ssl]** stanza, remove all references to RC4 ciphers from both the **gsk_attr_name** and the **jct_gsk_attr_name** attributes: \n \nLong Name \n\\----------------------------------- \nTLS_RSA_WITH_RC4_128_SHA \nTLS_RSA_WITH_RC4_128_MD5 \nTLS_RSA_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT_WITH_RC4_40_MD5 \nTLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 \nTLS_RSA_EXPORT1024_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA \nTLS_RSA_WITH_NULL_SHA \nTLS_RSA_WITH_NULL_MD5 \nTLS_RSA_WITH_NULL_SHA256 \nTLS_ECDHE_RSA_WITH_NULL_SHA \nTLS_ECDHE_ECDSA_WITH_NULL_SHA \n \n**Note** \\- Any instance of the above ciphers should be removed. Configure your environment to use one or more of the ciphers listed in the tables at the start of this tech note. \n \n5). On the Runtime Component management page, select 'Manage -> Configuration Files -> ldap.conf'. \n \nUpdate the following configuration entries to use one or more of the ciphers listed in the tables at the start of this tech note. \n \n[ldap] \nssl-tls-cipher-specs \ntls-v12-cipher-specs \n \nEnsure that you remove any references to the following cipher numbers - \n \n01 02 03 04 05 06 09 62 64 \n \n6). On the Runtime Component management page, select 'Manage -> Configuration Files -> activedir_ldap.conf'. \n \nUpdate the following configuration entries to ensure that there are no references to RC4 ciphers. You can use one or more of the ciphers listed in the tables at the start of this tech note. 
\n \n[uraf-registry] \nssl-tls-cipher-specs \ntls-v12-cipher-specs \n \nEnsure that you remove any references to the following ciphers: \n \nTLS_RSA_WITH_RC4_128_SHA \nTLS_RSA_WITH_RC4_128_MD5 \nTLS_RSA_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT_WITH_RC4_40_MD5 \nTLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 \nTLS_RSA_EXPORT1024_WITH_DES_CBC_SHA \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA \nTLS_RSA_WITH_NULL_SHA \nTLS_RSA_WITH_NULL_MD5 \nTLS_RSA_WITH_NULL_SHA256 \nTLS_ECDHE_RSA_WITH_NULL_SHA \nTLS_ECDHE_ECDSA_WITH_NULL_SHA \n \n**Note**: For these updates to take effect, please restart your Policy Server. \n \n7). For all instances of the Reverse Proxy, if the **ssl-qop-mgmt** attribute is set to \u201cYes\u201d or \"True\", \nconfigure the default configuration entries in the **[ssl-qop-mgmt-default]** stanza to ensure that vulnerable ciphers are removed. **Note:** Do not use a setting of 'ALL'. \n \nEnsure that the following ciphers are **not** present in the configured ciphers: \n \ndefault = RC4-40 \ndefault = RC2-40 \ndefault = DES-56 \ndefault = DES-56-62 \ndefault = RC4-56 \ndefault = RC4-128 \ndefault = RC2-128 \n\n8). For each instance of Reverse Proxy if not already set, set the following attribute and value under the **[ssl]** stanza - \n \ngsk-attr-name = enum:471:0 \njct-gsk-attr-name = enum:471:0 \n \n**Note** \\- If this attribute is already set then it can remain in place. It should not have any effect on the mitigation plan. \n \n9). For each instance of Reverse Proxy save and deploy the changes. \n \n10). Apply the appliance fix pack using the following instructions - \n \ni). Click Manage, and then click Fix Packs. \nii). In the Fix Packs pane, click New. \niii). In the Add Fix Pack window, click Browse to locate the fix pack file, and then click Open. \niv). Click Submit to install the fix pack. \n \n11). Once the appliance has restarted, verify that all Reverse Proxy servers are restarted successfully. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-16T21:24:10", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T21:24:10", "id": "95A37AC2C7F105661E81CCB7B98B49EAB2848DF53F74121F0FEE7D2AE8FA7EA2", "href": "https://www.ibm.com/support/pages/node/263697", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:45:03", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Intelligent Operations Center.\n\n## Vulnerability Details\n\n**CVE ID: **[CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION: **The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as **Bar Mitzvah Attack**. 
\n \nCVSS Base Score: 5.00 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**| **Product shipped as a component** \n---|--- \nIBM Intelligent Operations Center version 1.6.0.3| IBM HTTP Server \n \n## Remediation/Fixes\n\nInterim fix [PO04697](<http://www.ibm.com/support/docview.wss?uid=swg24039899>) fixes this issue. Either apply the interim fix, or follow the manual instructions that are provided in the \"Workarounds and Mitigations\" section.\n\n## Workarounds and Mitigations\n\n1\\. For a standard topology, on the web server, edit the following file: \n`/opt/IBM/HTTPServer/conf/httpd.conf` \n \nFor a high availability topology, modify the file on both of the web servers. \n \n2\\. Modify the following lines: \n \n`SSLCipherSpec ALL SSL_RSA_WITH_RC4_128_MD5` \n`SSLCipherSpec ALL SSL_RSA_WITH_RC4_128_SHA` \n \nto: \n \n`##SSLCipherSpec ALL SSL_RSA_WITH_RC4_128_MD5` \n`##SSLCipherSpec ALL SSL_RSA_WITH_RC4_128_SHA` \n \n3\\. In a standard environment, restart the web server. For more information, see \"Starting the components in a standard environment\" in the [IBM Intelligent Operation Center product documentation](<http://www.ibm.com/support/knowledgecenter/SS3NGB_1.6.0/ioc/kc_welcome.dita>). \nIn a high availability environment, restart both web servers. 
For more information, see \"Starting the components in a high availability environment\" in the [IBM Intelligent Operation Center product documentation](<http://www.ibm.com/support/knowledgecenter/SS3NGB_1.6.0/ioc/kc_welcome.dita>).\n\n## ", "cvss3": {}, "published": "2018-06-17T22:28:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Intelligent Operations Center (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T22:28:25", "id": "BD5A8592894DFC559659FD42A38827EC577BA530F0B58F5F9014E3109AD96B82", "href": "https://www.ibm.com/support/pages/node/260689", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-12T17:34:51", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Real-time Compression Appliance.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nReal-time Compression Appliance releases: V4.1, V3.9 and V3.8\n\n## Remediation/Fixes\n\nReal-time Compression Appliance 4.1.2.11 \nReal-time Compression Appliance 3.9.1.12 \nReal-time Compression Appliance 3.8.0.11 \n\nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nN/A\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:28", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Real-time Compression Appliance (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-18T00:09:28", "id": "5B548D29ED850BC7891B2ACCCA87A8C9D303BA759C5E2FF9BB6EFAB9E636812B", "href": "https://www.ibm.com/support/pages/node/690447", "cvss": {"score": 5.0, "vector": 
"AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:40:09", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" attack may affect \"Extension for Terminal-based Applications\" (a.k.a FTE ) that are shipped with Rational Functional Tester.\n\n## Vulnerability Details\n\n**CVEID**: [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n \n**Description**: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. \n \nThis vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \n \n**CVSS Base Score**: 5 \n**CVSS Temporal Score**: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \n**CVSS Environmental Score***: Undefined \n**CVSS Vector**: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nRational Functional Tester version 8.0.0.0 and later.\n\n## Remediation/Fixes\n\n**Vendor Fixes:** \n \n\n\n**Product**| **Version**| **APAR**| **Remediation/First fix** \n---|---|---|--- \nRFT| 8.0.0.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \nRFT| 8.1.0.x and 8.1.1.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \nRFT| 8.2.0.x, 8.2.1.x, and 8.2.2.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \nRFT| 8.3.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \nRFT| 8.5.x and 8.5.1.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. 
\nRFT| 8.6.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \nRFT| 8.6.0.x| None| Download the [fix](<ftp://ftp.software.ibm.com/software/rational/private/RFT-XNdcFmzrxPkn>) and apply it. \n \nYou must verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the setting, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-09-29T20:06:32", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Functional Tester's Extension for Terminal-based Applications (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-09-29T20:06:32", "id": "0ABE587D899C01C38CFC18FEE64504050E29A27D31F2123114BDF58FE58540F1", "href": "https://www.ibm.com/support/pages/node/261181", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:53", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects WebSphere eXtreme Scale version 7.1.0, 7.1.1, 8.5, and 8.6.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) 
\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nWebSphere eXtreme Scale V7.1.0 \n\nWebSphere eXtreme Scale V7.1.1\n\nWebSphere eXtreme Scale V8.5\n\nWebSphere eXtreme Scale V8.6\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nWebSphere eXtreme Scale| 7.1.0| PI39113| [http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=7.1.0.3&platform=All&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=7.1.0.3&platform=All&function=all>) \nWebSphere eXtreme Scale| 7.1.1| PI39105| [http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=7.1.1.1&platform=All&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=7.1.1.1&platform=All&function=all>) \nWebSphere eXtreme Scale| 8.5.0| PI39105| 
[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=8.5.0.3&platform=All&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+eXtreme+Scale&release=8.5.0.3&platform=All&function=all>) \nWebSphere eXtreme Scale| 8.6| None| No fix required; the remediation is to change java.security so that RC4 is one of the disabled algorithms. See the Workarounds and Mitigations section below. \n \nVerify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nFor WebSphere eXtreme Scale versions 7.1.0, 7.1.1 and 8.5 stand-alone environments, apply the appropriate fix to upgrade your JDK. These fixes update Java 6 to the appropriate version where RC4 can be turned off. Follow the instructions for disabling the RC4 algorithm. For WebSphere eXtreme Scale V8.6 stand-alone environments, the Java shipped already supports disabling of the RC4 algorithm. You only need to change the `java.security` file as described. \n \n**Disable RC4 algorithm**\n\n 1. Edit the `java.security` file and turn off RC4 by adding the following setting: `jdk.tls.disabledAlgorithms=SSLv3,RC4`\n 2. When you run WebSphere eXtreme Scale in a WebSphere Application Server profile, follow the instructions for WebSphere Application Server described here: <http://www-01.ibm.com/support/docview.wss?uid=swg21701503>\n 3. 
When you run WebSphere eXtreme Scale in a WebSphere Application Server Liberty profile versions V8.5.0.0 through 8.5.5.5 Full Profile and you are configured for FIPS140-2, Suite B or SP800-131, your SSL communication for Liberty is not affected by this vulnerability. If you are not running in a WebSphere Application Server Liberty profile that is configured for one of these security options, you can either enable FIPS 140-2 in Liberty or update the profile by following the instructions described here: [_http://www-01.ibm.com/support/docview.wss?uid=swg21701503_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>). \n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:58", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere eXtreme Scale (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:58", "id": "F496B3D9EAEDF14B9DF4D0E0144A0D4807910FF339C97BD1102F40BE3101470F", "href": "https://www.ibm.com/support/pages/node/262767", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-12-02T21:37:18", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM License Metric Tool v7.5 and v7.2.2, IBM Endpoint Manager for Software Use Analysis v2.2 and IBM Tivoli Asset Discovery for Distributed v7.5 and v7.2.2\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-2808_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**IBM License Metric Tool v7.5 and v7.2.2** \n**IBM Endpoint Manager for Software Use Analysis v2.2** \n**IBM Tivoli Asset Discovery for Distributed v7.5 and v7.2.2**\n\n## Remediation/Fixes\n\nFor version 7.5 (using WebSphere Application Server 7): \n\n * Please apply the fix provided in the following bulletin: <http://www-01.ibm.com/support/docview.wss?uid=swg21701503>. You can also apply the newer April 2015 Cumulative Patch Update for WebSphere available in the following bulletin: <https://www-304.ibm.com/support/docview.wss?uid=swg21902260>.\n \nFor version 7.2.2 (using WebSphere Application Server 6.1): \n\n * Please apply the fix provided in the April 2015 Cumulative Patch Update for WebSphere available in the following bulletin: <https://www-304.ibm.com/support/docview.wss?uid=swg21902260>. Note that you need to contact IBM Support in order to obtain the fix.\n\n## Workarounds and Mitigations\n\n**For version 7.2.2**: \n\n 1. Log in to the WebUI as administrator.\n 2. On the task panel to the left, expand the **Security** item and click **SSL certificate and key management**.\n 3. 
In the **Related Items** group in the main panel, click **SSL configurations**.\n 4. For each of the following 3 items (ILMTsecure, ILMTsecure_with_client_auth and NodeDefaultSSLSettings):\n * Click the item on the list.\n * In the **Additional Properties** group, click **Quality of protection (QoP) settings**.\n * In the **Cipher suites** area, in the **Selected ciphers** group, select all items containing the string \"RC4\" (you can Control-click to select multiple items) and click the **<< Remove** button.\n * Click the **OK** button.\n * Click **Save** in the **Messages** pane.\n * Server restart is not required.\n \n**For version 7.5**: \n\n 1. Log in to the WebUI as administrator.\n 2. On the task panel to the left, expand the **Settings** item and click **WebSphere Administrative Console**.\n 3. Click the **Launch WebSphere administrative console** button in the main panel.\n 4. Log in to the WebSphere console.\n 5. Proceed with the instructions provided for v7.2.2, starting from Step 2.\n \n**For version 2.2**: \n\n 1. Locate the jetty.xml file in the server installation (<SUA_install_dir>\\TEMA\\config\\jetty.xml).\n 2. Replace the ExcludeCipherSuites element with the one provided below. Make sure you replace the whole existing element.\n 3. Restart the server.\n \nNote: You need to repeat the task each time you switch between HTTP and HTTPS settings. 
\n\n \nExcludeCipherSuites element: \n \n<Set name=\"ExcludeCipherSuites\"> \n<Array type=\"java.lang.String\"> \n<!-- default --> \n<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item> \n<Item>SSL_DHE_DSS_WITH_AES_128_CBC_SHA</Item> \n<Item>SSL_DHE_DSS_WITH_AES_256_CBC_SHA</Item> \n<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item> \n<Item>SSL_DHE_DSS_WITH_RC4_128_SHA</Item> \n<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> \n<Item>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item> \n<Item>SSL_DHE_RSA_WITH_AES_128_CBC_SHA</Item> \n<Item>SSL_DHE_RSA_WITH_AES_256_CBC_SHA</Item> \n<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item> \n<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> \n<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA</Item> \n<Item>SSL_RSA_FIPS_WITH_DES_EDE_CBC_SHA</Item> \n<Item>SSL_RSA_WITH_DES_CBC_SHA</Item> \n<!-- RC4 --> \n<Item>PCT_SSL_CIPHER_TYPE_1ST_HALF</Item> \n<Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>SSL_DH_anon_WITH_RC4_128_MD5</Item> \n<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>SSL_RSA_WITH_RC4_128_MD5</Item> \n<Item>SSL_RSA_WITH_RC4_128_SHA</Item> \n<Item>SSL2_RC4_128_EXPORT40_WITH_MD5</Item> \n<Item>SSL2_RC4_128_WITH_MD5</Item> \n<Item>SSL2_RC4_64_WITH_MD5</Item> \n<Item>TLS_DH_Anon_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>TLS_DH_Anon_WITH_RC4_128_MD5</Item> \n<Item>TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA</Item> \n<Item>TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA256</Item> \n<Item>TLS_DHE_DSS_WITH_RC4_128_SHA</Item> \n<Item>TLS_DHE_DSS_WITH_RC4_128_SHA256</Item> \n<Item>TLS_DHE_PSK_WITH_RC4_128_SHA</Item> \n<Item>TLS_DHE_PSK_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDH_Anon_WITH_RC4_128_SHA</Item> \n<Item>TLS_ECDH_Anon_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</Item> \n<Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDH_RSA_WITH_RC4_128_SHA</Item> \n<Item>TLS_ECDH_RSA_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</Item> 
\n<Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDHE_PSK_WITH_RC4_128_SHA</Item> \n<Item>TLS_ECDHE_PSK_WITH_RC4_128_SHA256</Item> \n<Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item> \n<Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA256</Item> \n<Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA</Item> \n<Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA256</Item> \n<Item>TLS_KRB5_WITH_RC4_128_MD5</Item> \n<Item>TLS_KRB5_WITH_RC4_128_SHA</Item> \n<Item>TLS_KRB5_WITH_RC4_128_SHA256</Item> \n<Item>TLS_PSK_WITH_RC4_128_SHA</Item> \n<Item>TLS_PSK_WITH_RC4_128_SHA256</Item> \n<Item>TLS_RSA_EXPORT_WITH_RC4_40_MD5</Item> \n<Item>TLS_RSA_EXPORT1024_WITH_RC4_56_MD5</Item> \n<Item>TLS_RSA_EXPORT1024_WITH_RC4_56_SHA</Item> \n<Item>TLS_RSA_EXPORT1024_WITH_RC4_56_SHA256</Item> \n<Item>TLS_RSA_PSK_WITH_RC4_128_SHA</Item> \n<Item>TLS_RSA_PSK_WITH_RC4_128_SHA256</Item> \n<Item>TLS_RSA_WITH_RC4_128_MD5</Item> \n<Item>TLS_RSA_WITH_RC4_128_SHA</Item> \n<Item>TLS_RSA_WITH_RC4_128_SHA256</Item> \n</Array> \n</Set> \n \n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.", "cvss3": {}, "published": "2022-08-19T18:23:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM License Metric Tool v7.5 and v7.2.2, IBM Endpoint Manager for Software Use Analysis v2.2 and IBM Tivoli Asset Discovery for Distributed v7.5 and v7.2.2 - CVE-2015-2808", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", 
"availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-08-19T18:23:31", "id": "AB73DF1DED880AA827EA4E5E91B8DBA3690CE7E70C1A60103A9F51A1BFEFA864", "href": "https://www.ibm.com/support/pages/node/260987", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:11", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Data Server Manager. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Data Server Manager Base Edition V1.1.0.0 \n\nIBM Data Server Manager Enterprise Edition V1.1.0.0\n\n## Remediation/Fixes\n\nV1.1.0.0| [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/Data+Server+Manager&release=1.1.0.0&platform=All&function=all>) (Interim Fix 1715) or see Workarounds and Mitigations below. \n---|--- \n \n## Workarounds and Mitigations\n\nDisable the RC4 cipher suite by adding \"RC4\" to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file. \n \nEdit the java.security file that is located in the IBM Data Server Manager installation directory: \n \n`/java/jre/lib/security/java.security` \n \nAdd the following line and save the file: \n \n`jdk.tls.disabledAlgorithms=RC4` \n \nIf the jdk.tls.disabledAlgorithms property was already enabled (without a \"#\" character at the beginning of the line), i.e.: \n \n`jdk.tls.disabledAlgorithms=SSLv3` \n \nthen append the text _\", RC4\"_ to the end of the line and save the file. \n \n`jdk.tls.disabledAlgorithms=SSLv3, RC4` \n \nRestart the DSM Web Console server for this change to take effect. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you do not disable the RC4 stream cipher, you will be exposed to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2018-06-16T13:10:37", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Data Server Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T13:10:37", "id": "CA367890F60839B8FD6EBF2BA5CFCE86D86E7769E0EBE3BDBB16CD188DB19396", "href": "https://www.ibm.com/support/pages/node/261311", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:40:54", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Developer for i, Rational Developer for AIX and Linux, and Rational Developer for Power Systems Software.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Product Name**\n\n| **Versions Affected** \n---|--- \nRational Developer for Power Systems Software| 8.5, 8.5.1 \nRational Developer for i| 9.0, 9.0.0.1, 9.0.1, 9.1, 9.1.1, 9.1.1.1 \nRational Developer for AIX and Linux, AIX COBOL Edition| 9.0, 9.0.0.1, 9.0.1, 9.1, 9.1.1 \nRational Developer for AIX and Linux, C/C++ Edition| 9.0, 9.0.0.1, 9.0.1, 9.1, 9.1.1 \n \n## Remediation/Fixes\n\n**Product**\n\n| **VRMF**| **Remediation/First Fix** \n---|---|--- \nRational Developer for Power Systems Software| 8.5.1| \n\n * None. \nRational Developer for i| 9.0 through to 9.1| \n\n * For **Modernization Tools- Java Edition** using Cordova, apply [IBM SDK for Node.js 1.1.0.14](<http://www.ibm.com/developerworks/web/nodesdk/>) to the Cordova platform in the product. \n \nInstallation instructions for applying the update to the Cordova platform in the product can be found here: \n \n[Upgrading the IBM SDK for Node.js used by Cordova](<http://www.ibm.com/support/docview.wss?uid=swg21684946>) \nRational Developer for AIX and Linux| 9.0 through to 9.1| \n\n * For all versions using Cordova, apply [IBM SDK for Node.js 1.1.0.14](<http://www.ibm.com/developerworks/web/nodesdk/>) to the Cordova platform in the product. 
\n \nInstallation instructions for applying the update to the Cordova platform in the product can be found here: \n \n[Upgrading the IBM SDK for Node.js used by Cordova](<http://www.ibm.com/support/docview.wss?uid=swg21684946>) \n \n## Workarounds and Mitigations\n\nIn addition to the fixes supplied above, if you are using any of the following products: \n\n * Rational Developer for Power Systems Software 8.5\n * Rational Developer for i 9.0 and 9.1\n * Rational Developer for AIX and Linux 9.0 and 9.1\n \nthen the following steps can be used to remove RC4 from the list of available algorithms: \n \n1\\. Ensure the product is not running. \n \n2\\. Locate the java.security file used by the product: \n\nRational Agent Controller: _install folder_/AgentController/jre/lib/security/java.security \nRational Application Developer for WebSphere Software: _install folder_/jdk/jre/lib/security/java.security \nRational Build Utility: _install folder_/jdk/jre/lib/security/java.security \n \n3\\. Edit the java.security file with a text editor and locate the line: \n\njdk.tls.disabledAlgorithms=SSLv3 \n \n4\\. Add RC4 to the list of disabled algorithms; for example: jdk.tls.disabledAlgorithms=SSLv3, RC4 \n \n5\\. Save the file and restart the product. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you do not disable the RC4 stream cipher, you will be exposed to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Developer for i, Rational Developer for AIX and Linux, and Rational Developer for Power Systems Software (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-08-03T04:23:43", "id": "EB0E4910AC8F107362FCFB92B342825670B7BE56EAB4A6B67E42EC18A46BB8D1", "href": "https://www.ibm.com/support/pages/node/261831", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:51", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM WebSphere Application Server that is used by WebSphere Business Compass.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nWebSphere Business Compass 7.0.0.4 \n\n_For earlier unsupported versions of the product, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Remediation/Fixes\n\nConsult the security bulletin [_Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details and information about fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-15T07:03:06", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Business Compass (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:03:06", "id": "3DF285A3FF90C43EDD69CB416687365F4283BAAFBD885E9CE272832E25FD0FE0", "href": "https://www.ibm.com/support/pages/node/265313", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:46:38", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Tivoli Monitoring.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following components of IBM Tivoli Monitoring (ITM) are affected by the RC4 \"Bar Mitzvah\" vulnerability: \n\n * * Tivoli Enterprise Portal Server (TEPS) \n * embedded WebSphere Application Server \u2013 ITM versions 6.20 through 6.30 FP4\n * IBM HTTP Server (IHS) - ITM versions 6.23 through 6.30 FP4\n * Portal Server Communication with Portal Clients when configured to use SSL over IIOP protocol - ITM versions 6.20 through 6.30 FP4\n * Tivoli Enterprise Management Server (TEMS) - when LDAP is configured - ITM versions 6.20 through 6.30 FP4.\n\n## Remediation/Fixes\n\n**\n\n## _Management Server_\n\n** \n \nIf LDAP is configured for user authentication on the management server, a patch with the remediation will need to be installed. 
The appropriate patch below should be installed on each management server (hub and remote) where the LDAP client is configured: \n\n\n * 6.30: Install 6.3.0-TIV-ITM-FP0004-IV72812\n * 6.23: Install 6.2.3-TIV-ITM-FP0005-IV72812\n * 6.22: Install 6.2.2-TIV-ITM-FP0009-IV72812\n * 621/6.20: IBM recommends upgrading to a fixed, supported version/release of the product as listed above.\n \nThe following link contains information about accessing the patches above: \n<http://www.ibm.com/support/docview.wss?uid=swg24039910> \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## _Portal Server_\n\n### _embedded WebSphere Application Server:_\n\nYou should verify applying this fix does not cause any compatibility issues. \n\n**_Fix_**| **_VRMF_**| **_Remediation/First Fix_** \n---|---|--- \n6.X.X-TIV-ITM_EWAS_ALL_20150731| 6.3.0.x| [__http://www.ibm.com/support/docview.wss?uid=swg24040392__](<http://www.ibm.com/support/docview.wss?uid=swg24040392>) \nPatch to upgrade the embedded WebSphere Application Server (eWAS) shipped as part of the IBM Tivoli Monitoring portal server to version 8.0.0.10 plus additional Interim Fixes referred to as Interim Fix Block 2. \nTechnote| 6.2.3.x| __<http://www.ibm.com/support/docview.wss?uid=swg21633720>__ \nContains information about installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.23. 
The link gives instructions to install eWAS 7.0 Fix Pack 33 (7.0.0.37) and Interim Fix block 1. \nTechnote| 6.2.2.x| [_http://www.ibm.com/support/docview.wss?uid=swg21509259_](<http://www.ibm.com/support/docview.wss?uid=swg21509259>) \nContains information about installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.22. The link gives instructions to install eWAS 6.1 Fix Pack 47 (6.1.0.47) and Interim Fix block 2. \n \nFor IBM Tivoli Monitoring 6.2.0 and 6.2.1, IBM recommends upgrading to a fixed, supported version/release of the product as listed above. \n\n### _IBM HTTP Server (IHS):_\n\nUpdate the configuration for the IBM HTTP Server (IHS) included as part of IBM Tivoli Monitoring portal server for versions 6.23 through 6.30 FP1. Note: Portal Server versions 6.20 through 6.22 FP9 are not affected and do not need the change below. \n \nEdit the IBM HTTP Server configuration file httpd.conf: \nWindows: Edit the file <install_dir>/IHS/conf/httpd.conf \nITM 6.2.3 on Linux/AIX: Edit the file <install_dir>/<arch>/iu/ihs/conf/httpd.conf \nITM 6.3.0 on Linux/AIX: Edit the file <install_dir>/<arch>/iu/ihs/HTTPServer/conf/httpd.conf \n \nAdd the following directives to the httpd.conf file to disable RC4 ciphers for each context that contains \"SSLEnable\": \n \nSSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA \nSSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA \n \nStop and restart the portal server for the changes to take effect. \n\n### _Portal Server Communication with Portal Clients:_\n\nPortal Server Communication with Portal Clients when configured to use SSL over IIOP protocol. 
SSL over IIOP is being used if both conditions below are true: \n\\- HTTPS is not being used \n\\- applet.html file does not have the tep.connection.protocol=http or https AND \n\\- tep.jnlp file does not have tep.connection.protocol=https \n\\- the KFW_INTERFACE_cnps_SSL is set to \"Y\" in the portal server environment file (Windows: kfwenv, UNIX/Linux: cq.config) \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n**_Fix_**| **_VRMF_**| **_Remediation/First Fix_** \n---|---|--- \n6.3.0-TIV-ITM-FP0005-IV74486| 6.3.0 | [**__http://www.ibm.com/support/docview.wss?uid=swg24040448__**](<http://www.ibm.com/support/docview.wss?uid=swg24040448>) \n6.2.3-TIV-ITM-FP0005-IV74486| 6.2.3| [**__http://www.ibm.com/support/docview.wss?uid=swg24040448__**](<http://www.ibm.com/support/docview.wss?uid=swg24040448>) \n6.2.2-TIV-ITM-FP0009-IV74486| 6.2.2| [**__http://www.ibm.com/support/docview.wss?uid=swg24040448__**](<http://www.ibm.com/support/docview.wss?uid=swg24040448>) \n6.3.0-TIV-ITM-FP0006| 6.3.0.x| **__<http://www.ibm.com/support/docview.wss?uid=swg24040390>__** \nCheck link for status on availability. \n \nFor IBM Tivoli Monitoring 6.2.0 and 6.2.1, IBM recommends upgrading to a fixed, supported version/release of the product as listed above. \n \nYou should verify applying this fix does not cause any compatibility issues. \n\n## Workarounds and Mitigations\n\n## _Portal Server Workarounds_\n\nIf the patches above are not installed, the following configuration changes can be made on the portal server to address the issue. \n\n### _Embedded WebSphere Application Server (eWAS) Workaround:_\n\nUpdate the configuration for the embedded WebSphere Application Server (eWAS) included as part of IBM Tivoli Monitoring portal server. \n \n1\\. Ensure the portal server is running. \n \n2\\. 
Start the TEPS/e administration console using the steps in the [**Starting the TEPS/e administration console**](<http://www.ibm.com/support/knowledgecenter/api/content/nl/en-us/SSTFXA_6.3.0/com.ibm.itm.doc_6.3/adminuse/userauthenticate_tepse_consolestart.htm>) section in the Administrator's Guide or follow the steps below: \nEnable the TEPS/e Administration Console: \nOn Windows: Select the Tivoli Enterprise Portal server from Manage Tivoli Enterprise Monitoring Services (MTEMS), right mouse click, select Advanced --> TEPS/e Administration--> Enable TEPS/e Administration \n \nOn UNIX/Linux: Run the command: \n$CANDLEHOME/<interp>/iw/scripts/enableISCLite.sh true \n \nEnable TEPS/e Administration Console password. \nOn Windows: Select the Tivoli Enterprise Portal server from MTEMS, right mouse click, select Advanced --> TEPS/e Administration--> Enable TEPS/e Password \n \nOn UNIX/Linux: Run the command: \n$CANDLEHOME/<interp>/iw/scripts/updateTEPSEPass.sh wasadmin <password> \n \nLog on to the TEPS/e Administration Console by issuing the command: \nhttp://<teps_hostname>:15205/ibm/console. \nUse \"wasadmin\" as the userid and type in the password set in step 3 above. \n \n3\\. On the Administration Console \n\n * Go to Security > SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings > Quality of protection (QoP)\n * In \"Cipher suites\", select the following ciphers from the \"Select ciphers\" box and remove them with the \"<< Remove\" button.\n * SSL_RSA_WITH_RC4_128_MD5\n * SSL_RSA_WITH_RC4_128_SHA\n * SSL_DHE_DSS_WITH_RC4_128_SHA\n * Apply/Save. \n\n### _Portal Server Communication with Portal Clients Workaround:_\n\nA configuration change is required when the portal server is configured to use the SSL over IIOP protocol. 
SSL over IIOP is being used if both conditions below are true: \n\n * HTTPS is not being used \n * applet.html file does not have the tep.connection.protocol=http or https AND \n * tep.jnlp file does not have tep.connection.protocol=https \n * the KFW_INTERFACE_cnps_SSL is set to \"Y\" in the portal server environment file (Windows: kfwenv, UNIX/Linux: cq.config) \n \nEdit the portal server configuration file: \nWindows: <install_dir>/CNPS/KFWENV \nLinux/AIX: <install_dir>/config/cq.ini \n \nAdd/modify the following variable: \nITM version 6.30 through 6.30 FP4: \n \nKFW_ORBPARM=-Dvbroker.security.server.socket.enabledProtocols=TLS_Version_1_0_Only -Dvbroker.security.cipherList=TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_DES_CBC_SHA,TLS_DHE_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA \n \nITM version 620 through 6.23 FP5: \n \nKFW_ORBPARM=-Dvbroker.security.cipherList=TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_DES_CBC_SHA,TLS_DHE_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA \n \nStop and restart the portal server for the changes to take effect. \n \n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you do not disable the RC4 stream cipher, you will be exposed to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-17T15:23:36", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Tivoli Monitoring (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:23:36", "id": "221573BADDA79D6BF68490001072D814021E193880E87312148C454854170DE5", "href": "https://www.ibm.com/support/pages/node/262221", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T14:23:35", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Security Network Intrusion Prevention System.\n\n## Vulnerability Details\n\n \n**CVEID:**[_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION: **The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nProducts: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000 \n\nFirmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.2| [_4.6.2.0-ISS-ProvG-AllModels-System-FP0008_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6.1| [_4.6.1.0-ISS-ProvG-AllModels-System-FP0012_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.6| [_4.6.0.0-ISS-ProvG-AllModels-System-FP0010_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.5| [_4.5.0.0-ISS-ProvG-AllModels-System-FP0012_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.4| 
[_4.4.0.0-ISS-ProvG-AllModels-System-FP0012_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \nIBM Security Network Intrusion Prevention System | Firmware version 4.3| [_4.3.0.0-ISS-ProvG-AllModels-System-FP0010_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nnone\n\n## ", "cvss3": {}, "published": "2022-02-23T19:48:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security Network Intrusion Prevention System (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-02-23T19:48:26", "id": "19381B596DDAD25AEF97114618D93152FBDFB2C07A0F4F692E852D691167F676", "href": "https://www.ibm.com/support/pages/node/260933", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": 
"2023-12-02T18:00:35", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects TS2900. \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nFirmware versions below 0037.\n\n## Remediation/Fixes\n\nUpdate firmware version to 0037 or later. \n \nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-03-26T01:04:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects TS2900 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2023-03-26T01:04:50", "id": "E083AEF7E32576EE35EBC792C463859DEE8AF7CE4CA6E690788B1FFF379F7957", "href": "https://www.ibm.com/support/pages/node/690403", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T18:19:43", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" SSL/TLS may affect some configurations of the IBM HTTP Server and some configurations of the IBM Caching Proxy for WebSphere Application Server. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThe following IBM HTTP Server (IHS) and IBM Caching Proxy for WebSphere Application Server may be affected: \n\n * Version 8.5.5 \n * Version 8.5 \n * Version 8.0\n * Version 7.0 \n * Version 6.1 \n\n## Remediation/Fixes\n\n**For affected IBM HTTP Server for WebSphere Application Server:** \nThe recommended solution is to apply the interim fix, Fix Pack or PTF containing APAR PI34229 for each named product as soon as practical. APAR PI34229 removes the RC4 ciphers from the default list that is used if you do not specify any ciphers. \n**NOTE:** If you specify any ciphers, you will also need to perform some of the steps in the mitigation section. \n\n**For V8.5.0.0 through 8.5.5.5 Full Profile:**\n\n\u00b7 Upgrade to a minimum of Fix Pack 8.5.5.2 or later then apply Interim Fix [PI34229](<http://www-01.ibm.com/support/docview.wss?uid=swg24039770>)\n\n\\--OR-- \n\u00b7 Apply Fix Pack 8.5.5.6 or later. \n\n**For V8.0 through 8.0.0.10:** \n\u00b7 Upgrade to a minimum of Fix Pack 8.0.0.9 or later and then apply Interim Fix [PI34229](<http://www-01.ibm.com/support/docview.wss?uid=swg24039770>)\n\n\\--OR-- \n\u00b7 Apply Fix Pack 8.0.0.11 or later. 
\n\n**For V7.0.0.0 through 7.0.0.37:** \n\u00b7 Upgrade to a minimum of Fix Pack 7.0.0.33 or later and then apply Interim Fix [PI34229](<http://www-01.ibm.com/support/docview.wss?uid=swg24039770>)\n\n\\--OR-- \n\u00b7 Apply Fix Pack 7.0.0.39 or later. \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \nFor unsupported versions IBM recommends upgrading to a fixed, supported version of the product. \n\n## Workarounds and Mitigations\n\n**For affected IBM HTTP Server for WebSphere Application Server:**\n\nIBM recommends disabling RC4 in IBM HTTP Server. To disable RC4, complete the steps below: \n \n**For Version 8.0 and later:**\n\n * A simple way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and remove any RC4 ciphers added inadvertently. To enable FIPS140-2, add 'SSLFIPSEnable' to each configuration stanza with 'SSLEnable' \n \nNote: On z/OS, SSLFIPSEnable is only available in 8.5.5.0 and later and is set once globally instead of per-virtual host. \n * If you cannot enable FIPS140-2 support or if you run into a complication, you must complete **all** of the following to disable RC4: \n \n\n 1. To remove RC4 from the defaults, add the following directives to the **end** of each configuration stanza with 'SSLEnable' (VirtualHost or bottom of httpd.conf if SSLEnable is set globally). This step is not needed if you installed the Interim fix. \n` \nSSLCipherSpec ALL -SSL_RSA_WITH_RC4_128_SHA -SSL_RSA_WITH_RC4_128_MD5 \n`\n 2. 
**Remove** any 'SSLCipherSpec' explicitly enabling RC4 as illustrated below: \n` \n# All of these must be removed to disable RC4 \nSSLCipherSpec SSL_RSA_WITH_RC4_128_SHA \nSSLCipherSpec SSL_RSA_WITH_RC4_128_MD5 \nSSLCipherSpec 34 \nSSLCipherSpec 35`\n 3. Review the current configuration for SSL ciphers configured via SSLCipherSpec directives with at least **two arguments** each that add an RC4-based cipher. \n \nSearch for either \"RC4\" or the numbers \"34\" and \"35\" within SSLCipherSpec directives and **remove** the corresponding ciphers. \n` \n# For example, if a configuration contains: \nSSLCipherSpec TLSv1 +SSL_RSA_WITH_RC4_SHA +TLS_RSA_WITH_AES_128_CBC_SHA \n# Remove the RC4 cipher, changing the directive to: \nSSLCipherSpec TLSv1 +TLS_RSA_WITH_AES_128_CBC_SHA \n`\nDo this for all the 'SSLCipherSpec' directives. \n\n**For Versions 6.0, 6.1, or 7.0:**\n\n * One way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and result in a startup error if RC4 is inadvertently enabled. \n \nFor each existing 'SSLEnable' in your IHS configuration, add 'SSLFIPSEnable' \n\n * If you do not wish to enable FIPS140-2 support or if you run into a complication, you may do **all** of the following, whichever applies to your configuration: \n\n 1. If any of the following 'SSLCipherSpec' directives are contained in the configuration, **remove** them and make sure at least 1 other SSLCipherSpec specifies a SSLv3/TLSv1 cipher. See the following bullet for an example of strong non-RC4 ciphers. \n` \nSSLCipherSpec SSL_RSA_WITH_RC4_128_SHA \nSSLCipherSpec SSL_RSA_WITH_RC4_128_MD5 \nSSLCipherSpec 34 \nSSLCipherSpec 35 \n`\n 2. If 'SSLEnable' is configured, but no 'SSLCipherSpec' is specified, explicitly select strong ciphers (excluding RC4) with the following recommended ciphers. This step is not needed if you installed the interim fix. 
\n` \nSSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA \nSSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA \nSSLCipherSpec SSL_RSA_WITH_3DES_EDE_CBC_SHA \n` \n\n**For affected IBM Caching Proxy for WebSphere Application Server:**\n\nIBM recommends disabling RC4 in IBM Caching Proxy. To disable RC4, complete the steps below: \n \n**For Version 8.5.5.5 and later:**\n\n * A simple way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and remove any RC4 ciphers added inadvertently. To enable FIPS140-2, add the directive 'FIPSEnable on' \n \n\n * If you cannot enable FIPS140-2 support or if you run into a complication, you must complete **all** of the following to disable RC4: \n \n\n 1. In TLSV11Cipherspecs directive, remove any references to the following ciphers: \n` \n# All of these must be removed to disable RC4 \nTLS_RSA_WITH_RC4_128_SHA(05) \nTLS_RSA_WITH_RC4_128_MD5(04) \n`\n 2. In V3Cipherspecs directive, remove any references to the following ciphers: \n` \n# All of these must be removed to disable RC4 \nTLS_RSA_WITH_RC4_128_SHA(05) \nTLS_RSA_WITH_RC4_128_MD5(04) \nTLS_RSA_EXPORT_WITH_RC4_40_MD5(03) \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA(64) `\n 3. In V2Cipherspecs directive, remove any references to the following ciphers: \n` \n1-RC4 US \n2-RC4 Export \n` \n\n**For Versions 8.5.5.4 and earlier:** \n\n\n * A simple way to mitigate this issue is to turn on FIPS140-2 support which will both disable RC4 by default and remove any RC4 ciphers added inadvertently. To enable FIPS140-2, add the directive 'FIPSEnable on' \n \n\n * If you cannot enable FIPS140-2 support or if you run into a complication, you must complete **all** of the following to disable RC4: \n \n\n 1. 
In V3Cipherspecs directive, remove** **any references to the following ciphers: \n` \n# All of these must be removed to disable RC4 \nTLS_RSA_WITH_RC4_128_SHA(05) \nTLS_RSA_WITH_RC4_128_MD5(04) \nTLS_RSA_EXPORT_WITH_RC4_40_MD5(03) \nTLS_RSA_EXPORT1024_WITH_RC4_56_SHA(64) `\n 2. In V2Cipherspecs directive, remove any references to the following ciphers: \n``\n1-RC4 US \n \n\n\n## ", "cvss3": {}, "published": "2022-09-08T00:09:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server and Caching Proxy (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-09-08T00:09:56", "id": "CF5547CF1D5D824C37BDCF280934BF33268EB09472651473C4AC95EB8AB747D7", "href": "https://www.ibm.com/support/pages/node/260001", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T21:42:59", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM i\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

Releases 6.1, 7.1 and 7.2 of IBM i are affected.

## Remediation/Fixes

None

## Workarounds and Mitigations

**Remediation/Fixes**

**\*Note - 07/22/15: There has been an update to this document to include PTFs to fix an empty default cipher suite list**

**\*Note - 07/10/15: There has been an update to this document to include PTFs to disable RC4 from the default list**

The issue can be fixed for some applications by applying PTFs to IBM i. For the remaining applications, follow the steps in the Workarounds and Mitigations section.
Releases 6.1, 7.1 and 7.2 of IBM i are supported and will be fixed. Releases V4R1, V4R2, V4R3, V4R4, V5R1, V5R2, V5R3 and V5R4 are unsupported and will not be fixed.

The IBM i PTF numbers are:

**_IBM i OS and options:_**

Release 6.1 – SI57357, MF60331, MF60429
Release 6.1.1 - SI57357, MF60338, MF60431
Release 7.1 – SI57332, MF60335, MF60430
Release 7.2 – SI57320, MF60333, MF60334, MF60432

You should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

**_Mitigation instructions for IBM i_**:

There are at least four different SSL implementations used on IBM i.

 * IBM i System SSL
 * OpenSSL in PASE
 * IBMJSSE2 – The default Java JSSE implementation
 * Domino – contains an embedded SSL implementation. Also uses System SSL in some configurations.
 * Other – Any 3rd party application could include an internal SSL implementation

**_IBM i System SSL_**

IBM i System SSL is a set of generic services provided in the IBM i Licensed Internal Code (LIC) to protect TCP/IP communications using the SSL/TLS protocol.

System SSL is accessible to application developers from the following programming interfaces and JSSE implementation:

 * Global Security Kit (GSKit) APIs
 * Integrated IBM i SSL_ APIs
 * Integrated IBM i JSSE implementation (IBMi5OSJSSEProvider)

SSL applications created by IBM, IBM business partners, independent software vendors (ISV), or customers that use one of the three System SSL interfaces listed above will use System SSL. For example, FTP and Telnet are IBM applications that use System SSL. Not all SSL enabled applications running on IBM i use System SSL.

System SSL supports and uses by default up to five RC4 cipher suites based on release level.

```
*ECDHE_ECDSA_RC4_128_SHA (default in 7.2 *TLSV1.2)
*ECDHE_RSA_RC4_128_SHA (default in 7.2 *TLSV1.2)
*RSA_RC4_128_SHA (default in 6.1/7.1/7.2 All protocol versions)
*RSA_RC4_128_MD5 (default in 6.1/7.1 All protocol versions)
*RSA_EXPORT_RC4_40_MD5 (not default. *TLSV1 and *SSLV3)
```

The application developer determines which cipher suites/algorithms are supported by the application when it is designed.

 * Some applications expose the cipher suite configuration to the end user. For those applications RC4 can be disabled through that application specific configuration.
 * Many applications do not provide a configuration option for controlling the cipher suites. It is difficult to determine if these applications support RC4.
 * Many applications use the System SSL default cipher suites such as FTP and Telnet.

After loading the System SSL fixes listed in this bulletin, applications coded to use the default values will no longer negotiate the use of RC4 cipher suites with peers.
If RC4 support is required by peers of such an application after this PTF is applied, the values can be added back to the System SSL eligible default cipher suite list using System Service Tools (SST) Advanced Analysis Command SSLCONFIG. To change the System SSL settings with the Start System Service Tools (STRSST) command, follow these steps:

1. Open a character based interface.
2. On the command line, type STRSST.
3. Type your service tools user name and password.
4. Select option 1 (Start a service tool).
5. Select option 4 (Display/Alter/Dump).
6. Select option 1 (Display/Alter storage).
7. Select option 2 (Licensed Internal Code (LIC) data).
8. Select option 14 (Advanced analysis).
9. Select option 1 (SSLCONFIG).
10. Enter -h

This will show the help screen that describes the input strings to change the new System SSL setting for –eligibleDefaultCipherSuites.

System SSL’s support of RC4 can be completely disabled at the system level using the system value QSSLCSL. In this case, RC4 is disabled for all applications including those with user configuration available for cipher suites.

**How to change the QSSLCSL system value:**

From a 5250 command line:

**WRKSYSVAL SYSVAL(QSSLCSLCTL)**

 * Enter 5 to display **QSSLCSLCTL:** This will display one of two things:
 * `*OPSYS`: Which indicates QSSLCSL is controlled by the OS.
 * `*USRDFN`: Which indicates QSSLCSL is editable and controlled by the user.
 * If current value is `*OPSYS`; Enter 2 to edit **QSSLCSLCTL:** `*OPSYS` is the default value. Change the value to `*USRDFN`.

**WRKSYSVAL SYSVAL(QSSLCSL)**

 * Enter 5 to display **QSSLCSL:** This will display the current ordered list of cipher suites.
 * If a cipher suite in the list contains the RC4 keyword, enter 2 to edit **QSSLCSL:**
 * To remove a cipher suite, space over the cipher suite name. Press Enter.

**QSSLCSL value recommendation at the time of publication, by release:**

_R720_

```
*ECDHE_ECDSA_AES_128_GCM_SHA256
*ECDHE_ECDSA_AES_256_GCM_SHA384
*ECDHE_RSA_AES_128_GCM_SHA256
*ECDHE_RSA_AES_256_GCM_SHA384
*RSA_AES_128_GCM_SHA256
*RSA_AES_256_GCM_SHA384
*ECDHE_ECDSA_AES_128_CBC_SHA256
*ECDHE_ECDSA_AES_256_CBC_SHA384
*ECDHE_RSA_AES_128_CBC_SHA256
*ECDHE_RSA_AES_256_CBC_SHA384
*RSA_AES_128_CBC_SHA256
*RSA_AES_128_CBC_SHA
*RSA_AES_256_CBC_SHA256
*RSA_AES_256_CBC_SHA
*ECDHE_ECDSA_3DES_EDE_CBC_SHA
*ECDHE_RSA_3DES_EDE_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
```

_R710_

```
*RSA_AES_128_CBC_SHA256 (requires TR6 or later is installed and *TLSv1.2)
*RSA_AES_128_CBC_SHA
*RSA_AES_256_CBC_SHA256 (requires TR6 or later is installed and *TLSv1.2)
*RSA_AES_256_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
```

_R611 / R610_

```
*RSA_AES_128_CBC_SHA
*RSA_AES_256_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
```

**Application configuration through Digital Certificate Manager (DCM)**

7.1 TR6 and 7.2 have DCM options for controlling the cipher suites used for specific applications such as Telnet and FTP. Applications with a DCM application definition can use the DCM Update Application Definition panel to configure which cipher suites are supported by the application. If the DCM value includes a cipher suite disabled by QSSLCSL, that cipher suite value will silently be discarded by System SSL.

For IBM HTTP Server for i, the cipher suite version cannot be controlled by the DCM application ID.

**_IBM HTTP Server for i_**

The following three HTTP Server directives can be used to specify ciphers to be used during SSL handshake.

```
SSLCipherSpec
SSLProxyCipherSpec
SSLCipherRequire
```

See [_http://www-01.ibm.com/support/knowledgecenter/ssw_ibm_i_72/rzaie/rzaiemod_ibm_ssl.htm?lang=en_](<http://www-01.ibm.com/support/knowledgecenter/ssw_ibm_i_72/rzaie/rzaiemod_ibm_ssl.htm?lang=en>) for the usage of the 3 directives

If none of the three directives is specified in HTTP server configuration file (httpd.conf), HTTP server will use the System SSL default cipher suite list. In this case, modify system value QSSLCSL to remove all RC4 cipher suite values.

If any of the three directives are specified in HTTP server configuration file (httpd.conf), remove all RC4 ciphers from the directives.

Note:

HTTP server supports both a long name and a short name for some ciphers. All RC4 ciphers in either long name or short name format must be removed. For example, these two directives both refer to cipher `*RSA_RC4_128_MD5`.

```
SSLCipherSpec TLS_RSA_WITH_RC4_128_MD5
SSLCipherSpec 34
```

The full short name and long name mapping table is located in knowledge center: [_http://www-01.ibm.com/support/knowledgecenter/ssw_ibm_i_72/rzaie/rzaiemod_ibm_ssl.htm?lang=en_](<http://www-01.ibm.com/support/knowledgecenter/ssw_ibm_i_72/rzaie/rzaiemod_ibm_ssl.htm?lang=en>)

An abridged HTTP mapping for the RC4 ciphers is included here for convenience.

**Short Name**| **Long Name**
---|---
34| TLS_RSA_WITH_RC4_128_MD5
35| TLS_RSA_WITH_RC4_128_SHA
N/A| TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
N/A| TLS_ECDHE_RSA_WITH_RC4_128_SHA

**_IBM Collaboration Solutions (formerly Lotus software)_**

The native Domino SSL stack includes RC4 ciphers in the default cipher list.

RC4 ciphers can be disabled explicitly by removing them from the SSLCipherSpec notes.ini file setting. Please refer to these links for information on how to configure the SSLCipherSpec setting.

[_http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration_](<http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration>)

[_http://www-01.ibm.com/support/docview.wss?uid=swg21254333_](<http://www-01.ibm.com/support/docview.wss?uid=swg21254333>)

If Domino HTTP is using the System SSL stack then follow the System SSL instructions for disabling RC4 cipher suites.

**_WebSphere Application Server_**

The RC4 "Bar Mitzvah" for SSL/TLS may affect some configurations of WebSphere Application Server. NOTE: If you are configured for FIPS140-2, Suite B or SP800-131 in your Security>SSL certificate and key management then you are not affected by this vulnerability or your SSL communication for Liberty.

Refer to Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808) [_http://www.ibm.com/support/docview.wss?uid=swg21701503&myns=swgws&mynp=OCSSEQTP&mync=E&cm_sp=swgws-_-OCSSEQTP-_-E_](<http://www.ibm.com/support/docview.wss?uid=swg21701503&myns=swgws&mynp=OCSSEQTP&mync=E&cm_sp=swgws-_-OCSSEQTP-_-E>)

**_OpenSSL_**

RC4 ciphers are supported by OpenSSL. If you have an OpenSSL application you will need to disable RC4 programmatically.

Use **SSL_CTX_set_cipher_list()** or **SSL_set_cipher_list()** to specify a cipher list that does not contain the RC4 ciphers.

See [_http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html_](<http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html>)

Checking the ciphers configured can be done programmatically using **SSL_get_cipher_list()**

See [_http://www.openssl.org/docs/ssl/SSL_get_ciphers.html_](<http://www.openssl.org/docs/ssl/SSL_get_ciphers.html>)

**_Potential Issues_**

Some customers find that one or more peer systems they communicate with only support or otherwise require RC4 cipher suites. Connections with those peer systems will no longer work after disabling RC4 cipher suites.
For business critical connections that must continue to happen, RC4 cipher suites will have to remain enabled until that peer can upgrade to support AES cipher suites. In those cases the administrator can disable RC4 cipher suites on an application by application basis where cipher suite configuration exists. If RC4 must remain enabled, the RC4 cipher suite should be placed at the end of the list of cipher suites. This will result in RC4 only being selected if the peer does not support any of the cipher suites located higher up in the list.

**_How to determine if RC4 cipher suites are being negotiated by System SSL_**

There is no easy way to determine this. A trace active at the time the secure connection is made is required. Refer to the following Technote for PTF numbers and instructions:

How to determine the SSL protocol and cipher suite used for each System SSL connection to the IBM i

[_http://www-01.ibm.com/support/docview.wss?uid=nas8N1020594_](<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020594>)

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects IBM i (CVE-2015-2808)
**Published:** 2019-12-18T14:26:38; **Modified:** 2019-12-18T14:26:38; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/646213>

**Last seen:** 2023-02-13T05:38:01

## Summary

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Management Tools.

## Vulnerability Details

**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

IBM XIV Management Tools, all releases up to and including 4.5

## Remediation/Fixes

See “Workarounds and Mitigations” below.

## Workarounds and Mitigations

For the IBM XIV XCLI and XIV GUI, edit the file `<install-dir>\jre\lib\security\java.security`: change the last line to "jdk.tls.disabledAlgorithms=SSLv3, RC4". After editing and saving, restart the application.

For the IBM Hyper-Scale Manager, edit the file `$JAVA_IBM_HOME/lib/security/java.security`, where JAVA_IBM_HOME is by default `/home/msms/hyperscale/jre`, and change the last line to "jdk.tls.disabledAlgorithms=SSLv3, RC4". After editing and saving, restart the application.

You should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default.

IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Management Tools (CVE-2015-2808)
**Published:** 2018-06-18T00:09:27; **Modified:** 2018-06-18T00:09:27; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/690431>

**Last seen:** 2023-02-13T05:38:00

## Summary

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Storwize V7000 Unified.

## Vulnerability Details

**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)

**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

IBM Storwize V7000 Unified

All products are affected when running code releases 1.3, 1.4 and 1.5 except for version 1.5.2.0 and above.

## Remediation/Fixes

IBM recommends that you fix this vulnerability by upgrading affected versions of IBM Storwize V7000 Unified to the following code level or higher:

1.5.2.0

[_Latest Storwize V7000 Unified Software_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003918&myns=s028&mynp=OCST5Q4U&mync=E>)

After the upgrade has completed, please run one of the following commands ...

```
chsecurity -sslprotocol 2
chsecurity -sslprotocol 3
```

[IBM Storwize V7000 Unified Knowledge Center - chsecurity command](<http://www-01.ibm.com/support/knowledgecenter/ST5Q4U_1.5.1/com.ibm.storwize.v7000.unified.151.doc/manpages/chsecurity.html>)

The requirement to run chsecurity will be removed in a future PTF.

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Storwize V7000 Unified (CVE-2015-2808)
**Published:** 2018-06-18T00:09:27; **Modified:** 2018-06-18T00:09:27; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/690427>

**Last seen:** 2023-02-21T01:48:57

## Summary

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Jazz Team Server and Cognos Business Intelligence (Cognos BI) shipped with Rational Insight.

## Vulnerability Details

**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

Principal Product and Version(s)| Affected Supporting Product(s) and Version(s)
---|---
Rational Insight 1.1, 1.1.1, 1.1.1.1 and 1.1.1.2| Cognos BI 10.1.1
Rational Insight 1.1.1.3| Cognos BI 10.2.1
Rational Insight 1.1.1.4, 1.1.1.5 and 1.1.1.6| Cognos BI 10.2.1 Fix pack 2<br>Jazz Team Server 5.0, 5.0.1 and 5.0.2
Rational Insight 1.1.1.7| Cognos BI 10.2.1 Fix pack 2<br>Jazz Team Server 6.0

## Remediation/Fixes

Apply the recommended fixes to all affected versions of Rational Insight.

**Rational Insight 1.1**

 * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 13 (Implemented by file 10.1.6305.506)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040116>).
   Review technote [1679272: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Insight 1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg21679272>) for detailed instructions.

**Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2**

 * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 13 (Implemented by file 10.1.6305.506)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040116>).
   Read technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.

**Rational Insight 1.1.1.3**

 * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 11 (Implemented by file 10.2..5000.1156)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040114>)
   Review technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.

**Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7**

 1. If the Data Collection Component or Jazz Reporting Service are used, perform this step first.
    Review the topics in <http://www-01.ibm.com/support/docview.wss?uid=swg21715543> for addressing the listed vulnerabilities in their underlying Jazz Team Server.
 2. If the Cognos-based reporting server is used, also perform this step.
    Download the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 10 (Implemented by file 10.2.5007.509)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040114>)
    Review technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.

You should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above.
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

## Workarounds and Mitigations

Please consult the security bulletins <http://www-01.ibm.com/support/docview.wss?uid=swg21715543> (Jazz Team Server) and <http://www-01.ibm.com/support/docview.wss?uid=swg21715530> (Cognos BI) for vulnerability details and information about fixes.

You should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Insight (CVE-2015-2808)
**Published:** 2018-06-17T05:01:45; **Modified:** 2018-06-17T05:01:45; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/261253>

**Last seen:** 2023-02-21T01:48:53

## Summary

The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Rational Automation Framework.

## Vulnerability Details

**CVEID:** [**CVE-2015-2808**](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information.
This vulnerability is commonly referred to as "Bar Mitzvah Attack".

**CVSS Base Score**: 5
**CVSS Temporal Score**: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score
**CVSS Environmental Score**\*: Undefined
**CVSS Vector**: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

Rational Automation Framework 3.0.1, 3.0.1.1, 3.0.1.2, 3.0.1.2.1, 3.0.1.3, 3.0.1.3.1 and 3.0.1.3.2 on all supported platforms.

## Remediation/Fixes

Upgrade to [RAF 3.0.1.3 ifix3](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+Automation+Framework&release=3.0.1.3i3&platform=All&function=all>) or later.

You should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

## Workarounds and Mitigations

None

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Automation Framework (CVE-2015-2808)
**Published:** 2018-06-17T05:01:50; **Modified:** 2018-06-17T05:01:50; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/262071>

**Last seen:** 2023-02-21T01:52:49

## Summary

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Cognos Controller

## Vulnerability Details

**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

IBM Cognos Controller 10.2.1
IBM Cognos Controller 10.2
IBM Cognos Controller 10.1.1
IBM Cognos Controller 10.1
IBM Cognos Controller 8.5.1
IBM Cognos Controller 8.5

## Remediation/Fixes

[IBM Cognos Controller 10.2.1 FP1 IF1](<http://www.ibm.com/support/docview.wss?uid=swg24040667>)

[IBM Cognos Controller 10.2 FP1 IF2](<http://www.ibm.com/support/docview.wss?uid=swg24040665>)

[IBM Cognos Controller 10.1.1 FP3 IF4](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+8+Controller&release=10.1.1&platform=Windows+32-bit,+x86&function=fixId&fixids=10.1.1-BA-CNTRL-Win32-IF004>)

[IBM Cognos Controller 10.1 IF4](<http://www.ibm.com/support/docview.wss?uid=swg24040668>)

[IBM Cognos Controller 8.5.1 FP1 IF1](<http://www.ibm.com/support/docview.wss?uid=swg24040669>)

Users of IBM Cognos Controller 8.5 are advised to contact IBM Customer Support.

## Workarounds and Mitigations

The RC4 cipher suites must be disabled using Cognos Configuration by performing the following actions:

1) Start Cognos Configuration

2) Navigate to Security/Cryptography/Cognos

3) Open the supported cipher suites selection dialog

4) Select all cipher suites that have RC4 in the name and remove them from the Current Values List. Select OK to save the new list.

5) Save and restart your service using Cognos Configuration.

You should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above.
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.

**Bulletin title:** Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Cognos Controller (CVE-2015-2808)
**Published:** 2018-06-15T22:36:45; **Modified:** 2018-06-15T22:36:45; **Type:** ibm; **Bulletin family:** software
**CVSS v2:** 5.0 (MEDIUM), AV:N/AC:L/Au:N/C:P/I:N/A:N; exploitability score 10.0; impact score 2.9
**Source:** <https://www.ibm.com/support/pages/node/262781>

**Last seen:** 2023-02-21T01:52:50

## Summary

The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Algo Credit Limits.

## Vulnerability Details

**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)
**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAlgo Credit Limits 4.7 and earlier\n\n## Remediation/Fixes\n\nA fix has been created for version 4.5.0.05 and 4.7.0.03 of the named product. Download and install the fix as soon as practicable. Fix and installation instructions are provided at the URL listed below. \n \nFor versions prior to 4.7.0 IBM recommends upgrading to a fixed, supported version/release/platform of the product. \n \n \n\n\nPatch Number| Download URL \n---|--- \nACLM 4.7.0.03 FP7| [_ACL 4.7.0.03 FP7 Solaris Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-SolOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Solaris DB2_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-SolDB2-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 RedHat Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-RHESOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 AIX 
Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-AIXOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Window GUI Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-WinOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Window GUI DB2_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-WinDB2-fp0007:0&includeSupersedes=0&source=fc&login=true>) \nACLM-TFOLC 4.5.0.05 IF9| [_ACL-TFOLC 4.5.0.05 IF9_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Information+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.5.0.5-Algo-CreditLimits-if0009-cs:0&includeSupersedes=0&source=fc&login=true>) \n \n \nAs the length of the server key is increased, the amount of CPU required for a full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n\nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nTo disable the RC4 stream cipher in your Algo Credit Limits server installation, edit $ACLM_HOME/jlib/platform/jre/jre/lib/security/java.security. Find the line **jdk.tls.disabledAlgorithms=SSLv3** and change it to **jdk.tls.disabledAlgorithms=SSLv3,RC4** \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2018-06-15T22:36:19", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Algo Credit Limits (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T22:36:19", "id": "1298B65FFCDE5A2CA1721D1320276E01494F651B0FB18D9D35ECD85A4A368D63", "href": "https://www.ibm.com/support/pages/node/261127", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:50", "description": "## Summary\n\nIBM WebSphere Application Server, IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, 
IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ are shipped as components of IBM Predictive Maintenance and Quality. Information about a security vulnerability affecting IBM WebSphere Application Server, IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ has been published in their respective security bulletins.\n\n## Vulnerability Details\n\nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details and information about fixes. \n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects IBM HTTP Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701072>) for vulnerability details and information about fixes. \n \n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects IBM DB2 (CVE-2015-2808)_](<https://www-304.ibm.com/support/docview.wss?uid=swg21717865>) for vulnerability details and information about fixes. \n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects IBM SPSS Modeler (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21882559>) for vulnerability details and information about fixes. \n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Cognos Business Intelligence Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21715530>) for vulnerability details and information about fixes. 
\n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher in IBM SDK Java Technology Edition, Versions 1.6 and 1.7 affects IBM SPSS Collaboration and Deployment Services (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21883440&myns=swgimgmt&mynp=OCSS69YH&mync=E&cm_sp=swgimgmt-_-OCSS69YH-_-E>) for vulnerability details and information about fixes. \n \nPlease consult the [_Security Bulletin: Vulnerability in RC4 stream cipher affects IBM WebSphere MQ (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21883551&myns=swgws&mynp=OCSSFKSJ&mync=E&cm_sp=swgws-_-OCSSFKSJ-_-E>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM Predictive Maintenance and Quality 1.0 \n \n \n \n \n \n \n \nIBM Predictive Maintenance and Quality 2.0 \n \n \n \n \n \n \nIBM Predictive Maintenance and Quality 2.5| IBM WebSphere Application Server v8.0 \nIBM HTTP Server v8.0 \nIBM DB2 Enterprise Server Edition 9.7.0.7 \nIBM SPSS Modeler Server 15.0 \nIBM Cognos Business Intelligence Server 10.2 \nIBM SPSS Collaboration and Deployment Services 5.0 \nIBM WebSphere MQ 7.5 \n \nIBM WebSphere Application Server v8.5.5 \nIBM HTTP Server v8.0 \nIBM DB2 Enterprise Server Edition 10.1.0.3 \nIBM SPSS Modeler Server 16.0 \nIBM Cognos Business Intelligence Server 10.2.1 \nIBM SPSS Collaboration and Deployment Services 6.0 \nIBM WebSphere MQ 7.5.0.2 \n \nIBM WebSphere Application Server v8.5.5.3 \nIBM HTTP Server v8.5.5.3 \nIBM DB2 Enterprise Server Edition 10.5.0.4 \nIBM SPSS Modeler Server 16.0.0.1 \nIBM Cognos Business Intelligence Server 10.2.2 \nIBM SPSS Collaboration and Deployment Services 6.0.0.1 \nIBM WebSphere MQ 7.5.0.4 \n \n## ", "cvss3": {}, "published": "2018-06-15T22:36:45", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, 
IBM HTTP Server, IBM DB2, IBM SPSS Modeler, IBM Cognos Business Intelligence Server, IBM SPSS Collaboration and Deployment Services and IBM WebSphere MQ s", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T22:36:45", "id": "B1B58BDE39A65D50071D269BF6F095CFE15DD4C48288607879D00FC024234C78", "href": "https://www.ibm.com/support/pages/node/262735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:51:48", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects InfoSphere Replication Dashboard.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nVersions 11.3.3, 11.3, 10.2.1, 10.2, 10.1 and 9.7 of InfoSphere Data Replication Dashboard are affected.\n\n## Remediation/Fixes\n\nThe recommended solution is to upgrade the product to the latest version. InfoSphere Data Replication Dashboard supports only the latest version so customers must install the latest version. The vulnerability fixes require upgrading the product to version 11.3.3.0-b312 or higher. Download the latest version of InfoSphere Data Replication Dashboard from [_http://www-01.ibm.com/support/docview.wss?uid=swg24023065_](<http://www-01.ibm.com/support/docview.wss?uid=swg24023065>) \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n_For versions 11.3.3, 11.3, 10.2.1, 10.2, 10.1 and 9.7 IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone known.\n\n## ", "cvss3": {}, "published": "2018-06-16T14:14:55", "type": "ibm", "title": "Security Bulletin:Vulnerability in RC4 stream cipher affects InfoSphere Replication Dashboard (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T14:14:55", "id": "60433903B8499C4322427D70EA00197BECEA206FA41B1F1949C4E6DFBCD29E8C", "href": "https://www.ibm.com/support/pages/node/264295", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:10", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM InfoSphere Optim Configuration Manager. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM InfoSphere Optim Configuration Manager for DB2 for Linux, UNIX, and Windows V2.1.0.0 through 3.1.0.1. \n \nIBM InfoSphere Optim Configuration Manager for DB2 for z/OS V2.1.0.0 through 3.1.0.1.\n\n## Remediation/Fixes\n\nV3.1.0.1\n\n| [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Optim+Configuration+Manager&release=3.1.0.1&platform=All&function=all>) (Interim Fix 002) or see Workarounds and Mitigations below. \n---|--- \nAll other versions| Replace JRE. For Linux platforms, visit [_http://www.ibm.com/developerworks/java/jdk/linux/download.html#java7_](<http://www.ibm.com/developerworks/java/jdk/linux/download.html>). For Windows platforms, contact IBM Technical Support. \n \n## Workarounds and Mitigations\n\nFor OCM versions 3.1.0.0 through 3.1.0.1 disable the RC4 cipher suite by adding \"RC4\" to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file. \nEdit the java.security file that is located in the InfoSphere Optim Configuration Manager installation directory: \n` \n/jre/lib/security/java.security` \n \nAdd the following line and save the file: \n` \njdk.tls.disabledAlgorithms=RC4` \n \nIf the jdk.tls.disabledAlgorithms property was already enabled (without a \"#\" character at the beginning of the line), i.e.: \n` \njdk.tls.disabledAlgorithms=SSLv3` \n \nthen append the text _\", RC4\"_ to the end of the line and save the file. 
\n` \njdk.tls.disabledAlgorithms=SSLv3, RC4` \n \nRestart the OCM Web Console server for this change to take effect. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2018-06-16T13:10:37", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Optim Configuration Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T13:10:37", "id": "5C6CB5E656547D497007A49A5E3680CBE99483472C42C5C3AE5146EDBF1B33B1", "href": "https://www.ibm.com/support/pages/node/261309", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:20", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects Flex System Chassis Management Module (CMM).\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote 
attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\n * 2PET10A\n * 2PET10B\n * 2PET10C\n * 2PET10D\n * 2PET10E\n * 2PET10F\n * 2PET10G\n * 2PET10H\n * 2PET10I\n * 2PET10K\n * 2PET10M\n * 2PET10P\n * 2PET10Q\n * 2PET12D\n * 2PET12E\n * 2PEO12E\n * 2PET12F\n * 2PET12G\n * 2PET12H\n * 2PET12I\n * 2PEO12I\n * 2PET12K\n * 2PEO12O\n * 2PET12O\n * 2PETE6L\n * 2PET12P\n * 2PEO12P\n * 2PET12R\n * 2PEO12R\n * 2PETE5O\n\n## Remediation/Fixes:\n\nNone\n\n## Workarounds and Mitigations:\n\nTo disable RC4 in the chassis, put CMM into the TLS 1.2 mode or NIST 800-131A mode:\n\nFrom Web: \n[ http://pic.dhe.ibm.com/infocenter/flexsys/information/topic/com.ibm.acc.cmm.doc/cmm_ui_configure_NIST_compliance.html](<http://pic.dhe.ibm.com/infocenter/flexsys/information/topic/com.ibm.acc.cmm.doc/cmm_ui_configure_NIST_compliance.html>)\n\nFrom CLI: \n[ http://pic.dhe.ibm.com/infocenter/flexsys/information/topic/com.ibm.acc.cmm.doc/cli_command_crypto.html](<http://pic.dhe.ibm.com/infocenter/flexsys/information/topic/com.ibm.acc.cmm.doc/cli_command_crypto.html>)\n\nNote: The steps above will also change the configuration of any IMM2 or FSP in the chassis to TLS 1.2 mode or NIST 800-131A mode.\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web 
Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n28 April 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:55:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Flex System Chassis Management Module (CMM) (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:55:01", "id": "AF02761E74AD07AEA127ACA8B498561189AC8DCD6872AC805154474D6CE7B6E0", "href": "https://www.ibm.com/support/pages/node/866686", "cvss": {"score": 5.0, 
"vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-13T09:36:48", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects TS4500.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nFirmware versions below 1.1.1.2.\n\n## Remediation/Fixes\n\nUpdate product to firmware version 1.1.1.2 or later. \n \nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects TS4500 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-18T00:09:26", "id": "A61ACFBEA7EB35DC3E0966C9913AF28CB2C5D4D64F62042C595744E098F91566", "href": "https://www.ibm.com/support/pages/node/690407", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:15", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects Tivoli Storage Manager Operations Center\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nTivoli Storage Manager Operations Center v6.4 and v7.1.\n\n## Remediation/Fixes\n\n**TSM OC Release**\n\n| **Remediation/First Fix ** \n---|--- \n6.4| 6.4.2.100 - [ALL Operating Systems](<ftp://public.dhe.ibm.com/storage/tivoli-storage-management/patches/opcenter/6.4.2.100/>) (see **NOTE **below) \n7.1| 7.1.1.100 - [ALL Operating Systems](<ftp://public.dhe.ibm.com/storage/tivoli-storage-management/patches/opcenter/7.1.1.100/>) \n \n**NOTE:** \nFor Operations Center 6.4, you must first uninstall Operations Center, delete the cached files, and then reinstall Operations Center using the following instructions: \n \n\n\n 1. Download the Remediation Fix for Operations Center 6.4.2.100 (see above)\n 2. Open IBM Installation Manager, click Uninstall, and follow the instructions in the wizard.\n 3. Close IBM Installation Manager.\n 4. Copy the following file to a different directory: <install dir>/tsm/ui/Liberty/usr/servers \n/guiServer/serverConnection.properties \n 5. Delete the following directory: <install dir>/tsm/ui \n 6. Open IBM Installation Manager, click install, and follow the instructions in the wizard.\n 7. Close IBM Installation Manager.\n 8. Copy the serverConnection.properties file from its temporary location to the following directory: \n<install dir>/tsm/ui/Liberty/usr/servers \n\n\nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nDirect the GUI's Liberty profile web server to disable use of the SSLv3 and older protocols. This is done by editing the web server configuration to set the minimum protocol to be Transport Layer Security (TLS) 1.0. \n \nUse the following procedure to edit the web server configuration: \n \nFor TSM Operations Center v6.4.2 and v7.1.0 \n\n\n 1. Locate the server.xml file in its current directory: \nWindows: C:\\Tivoli\\TSM\\ui\\Liberty\\usr\\servers\\guiServer \nAIX / Linux: /opt/tivoli/tsm/ui/Liberty/usr/servers/guiServer\n 2. Edit the server.xml file with a text editor as follows: \na) Locate the existing line that starts with _<keyStore id=\"defaultKeyStore\" ..._ \nb) Insert the following 2 lines below it: \n<ssl id=\"ocSSLConfig\" sslProtocol=\"TLS\" keyStoreRef=\"defaultKeyStore\"/> \n<sslDefault sslRef=\"ocSSLConfig\"/> \nc) Save the changes to server.xml\n 3. In the same directory as server.xml, save the jvm.options file that is attached to this bulletin and located after the Disclaimer.\n 4. Restart the web server as follows: \n\n * Windows: \na. Click **Start > Control Panel > Administrative Tools > Services** \nb. Right-click _Tivoli Storage Manager Operations Center_ Service and click **Restart** \n\n * AIX / Linux: Issue the following command as root: \n\nservice web server restart \n \nFor TSM Operations Center v7.1.1 \n\n 1. Locate the bootstrap.properties file in its current directory: \nWindows: C:\\Tivoli\\TSM\\ui\\Liberty\\usr\\servers\\guiServer \nAIX / Linux: /opt/tivoli/tsm/ui/Liberty/usr/servers/guiServer\n 2. Edit the value of tsm.https.sslRef to SP800131atransition and save changes\n 3. In the same directory as bootstrap.properties, save the jvm.options file that is attached to this bulletin and located after the Disclaimer.\n 4. 
Restart the web server as follows: \n\n * Windows: \na. Click **Start > Control Panel > Administrative Tools > Services** \nb. Right-click _Tivoli Storage Manager Operations Center_ Service and click **Restart** \n\n * AIX / Linux: Issue the following command as root: \n\nservice web server restart \n \nThe GUI is now operational with SSLv3 and older protocols disabled. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-17T15:01:06", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affect Tivoli Storage Manager Operations Center (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:01:06", "id": "EEB7ECAD0C56426C2A1407DC3C645A116206BB0DBBD075E415E54669BCD8C813", "href": "https://www.ibm.com/support/pages/node/262845", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:37:53", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM DataQuant for Workstation. 
The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n * DataQuant for z/OS Version 2 Release 1, Fix Pack 3 (and earlier)\n * DataQuant for Multiplatforms Version 2 Release 1, Fix Pack 3 (and earlier)\n\n## Remediation/Fixes\n\n * DataQuant for z/OS Version 2 Release 1 and DataQuant for Multiplatforms Version 2 Release 1: install [DataQuant for Workstation 2.1 in Fix Pack 4](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DataQuant&release=2.1&platform=All&function=all>)\n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n_For IBM DataQuant for z/OS V1.2 and IBM DataQuant for Multiplatforms V1.2, IBM recommends upgrading to a fixed, supported version/release/platform of the product, IBM DataQuant for z/OS V2.1 and IBM DataQuant for Multiplatforms V2.1 respectively._\n\n## Workarounds and Mitigations\n\n**Important note: **IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {}, "published": "2021-02-11T16:57:46", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM DataQuant for Workstation (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-02-11T16:57:46", "id": "9AF459A47C5F674E1EEAC9038F1A38BB0088437F8A8C2399C93B05ECFD317312", "href": "https://www.ibm.com/support/pages/node/262065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:15", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects the VMware GUI used by Tivoli Storage Manager for 
Virtual Environments: Data Protection for VMware 7.1 and Tivoli Storage FlashCopy Manager for VMware 4.1.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe VMware GUI component is affected which affects the following products and versions: \n\n * Tivoli Storage Manager for Virtual Environments: Data Protection for VMware 7.1.0.0 through 7.1.1.x\n * FlashCopy Manager for VMware 4.1.0.0 through 4.1.1.x\n\n## Remediation/Fixes\n\n**_Tivoli Storage Manager for VE: Data Protection for VMware Release_**\n\n| **_First Fixing VRMF Level_**| **_Client_** \n**_Platform_**| **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n7.1| 7.1.2| Linux \nWindows| <http://www.ibm.com/support/docview.wss?uid=swg24039450> \n \n**_Tivoli Storage \nFlashCopy Manager for VMware Release_**| **_First Fixing VRMF Level_**| **_Client_** \n**_Platform_**| **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n4.1| 4.1.2| Linux| <http://www.ibm.com/support/docview.wss?uid=swg24039478> \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nDirect the GUI's Liberty profile webserver to disable use of the SSLv3 and older protocols. This is done by editing the webserver configuration to set the minimum protocol to be Transport Layer Security (TLS) 1.0. \n \nUse the following procedure to edit the webserver configuration: \n \n1\\. Locate the file server.xml in its current directory: \nWindows: C:\\IBM\\tivoli\\tsm\\tdpvmware\\webserver\\usr\\servers\\veProfile \nLinux: /opt/tivoli/tsm/tdpvmware/common/webserver/usr/servers/veProfile \n \n2\\. Edit the server.xml file with a text editor as follows: \na) Locate the existing line that starts with _<keyStore id=\"defaultKeyStore\" ..._ \nb) Insert the following 2 lines below it: \n_<ssl id=\"veSSLConfig\" sslProtocol=\"TLS\" keyStoreRef=\"defaultKeyStore\"/>_ \n_ <sslDefault sslRef=\"veSSLConfig\"/> _ \nc) Save the changes to server.xml \n \n3\\. In same directory as server.xml, save the jvm.options file that is attached to this bulletin and located after the Disclaimer. \n \n4\\. Restart the webserver as follows: \nWindows: \na. Click **Start > Control Panel > Administrative Tools > Services** \nb. Right-click _Data Protection for VMware Web Server_ Service and click **Restart** \n \nLinux: Issue the following command as root: \nservice webserver restart \n \nThe GUI is now operational with SSLv3 and older protocols disabled. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-17T15:01:05", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects the VMware GUI in Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and Tivoli Storage FlashCopy Manager for VMware (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:01:05", "id": "A8911B1672333C3DA91BF2CEB9A63F0B651141A12753A3B88640C9E860D0310E", "href": "https://www.ibm.com/support/pages/node/262797", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:14", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Tivoli Monitoring for Tivoli Storage Manager.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following components of IBM Tivoli Monitoring for Tivoli Storage Manager (Reporting and Monitoring) are affected by the RC4 \"Bar Mitzvah\" vulnerability: \n\n * IBM Tivoli Monitoring for Tivoli Storage Manager (Reporting) 6.1 - 7.1\n\n## Remediation/Fixes\n\nThe solution provided is for IBM Tivoli Monitoring for Tivoli Storage Manager versions 6.3 and 7.1. \n\nYou can either apply the security fix to IBM Tivoli Monitoring or make the configuration changes in the workaround section. \n--- \n**Table: Security Fixes for IBM Tivoli Monitoring** \n**Note: The following table provides the security fixes for IBM Tivoli Monitoring for Tivoli Storage Manager version 6.3 - 7.1** **_IBM Tivoli Monitoring for Tivoli Storage Manager Version (Reporting and Monitoring)_**| **_Fix_**| **_Remediation/First Fix_** \n---|---|--- \n**_6.3.x_**| 6.2.2-TIV-ITM-FP0009-IV72812 \n \nPrerequisite ITM 6.2.2 FP 9 must be applied first.| [**__Download IFIX__**](<http://www.ibm.com/support/docview.wss?uid=swg24039910>) \n**_7.1.x_**| 6.3.0-TIV-ITM-FP0004-IV72812 \n \nPrerequisite ITM 6.3.0 FP 4 must be applied first.| [**__Download IFIX__**](<http://www.ibm.com/support/docview.wss?uid=swg24039910>) \n \n \nNOTE: \nExtended support customers using IBM Tivoli Monitoring versions 6.2 or 6.1 for Tivoli Storage Manager should contact IBM support. \n\n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\n**Configuration Changes** \n \n**Note: You only need to perform these configuration changes if you do not wish to apply the security fixes to IBM Tivoli Monitoring.** \n \n**_Portal Server_**\n\nConfiguration changes are needed on the following components on the portal server. \n\n\n**_Embedded WebSphere Application Server (eWAS)_**\n\n \n \nUpdate the configuration for the embedded Websphere Application Server (eWAS) included as part of IBM Tivoli Monitoring portal server. \n \n1\\. Ensure the portal server is running. \n \n2\\. Start the TEPS/e administration console using the steps in the [**_Starting the TEPS/e administration console_**](<http://www.ibm.com/support/knowledgecenter/api/content/nl/en-us/SSTFXA_6.3.0/com.ibm.itm.doc_6.3/adminuse/userauthenticate_tepse_consolestart.htm>) section in the Administrator's Guide or follow the steps below: \nEnable the TEPS/e Administration Console:. \nOn Windows: Select the Tivoli Enterprise Portal server from Manage Tivoli Enterprise Monitoring Services (MTEMS), right mouse click, select Advanced --> TEPS/e Administration--> Enable TEPS/e Administration \n \nOn UNIX/Linux: Run the command: \n$CANDLEHOME/<interp>/iw/scripts/enableISCLite.sh true \n \n. Enable TEPS/e Administration Console password. \nOn Windows: Select the Tivoli Enterprise Portal server from MTEMS, right mouse click, select Advanced --> TEPS/e Administration--> Enable TEPS/e Password \n \nOn UNIX/Linux: Run the command: \n$CANDLEHOME/<interp>/iw/scripts/updateTEPSEPass.sh wasadmin <password> \n \n. Logon to the TEPS/e Administration Console by issuing the command: \nhttp://<teps_hostname>:15205/ibm/console. \nUse \"wasadmin\" as the userid and type in the password set in step 3 above. \n \n3\\. 
On the Administration Console \n\n * Go to Security > SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings > Quality of protection (QoP) \n * Under \"Cipher suites\", select the following ciphers from the \"Select ciphers\" box and remove them with the \"<< Remove\" button. \n * SSL_RSA_WITH_RC4_128_MD5 \n * SSL_RSA_WITH_RC4_128_SHA \n * SSL_DHE_DSS_WITH_RC4_128_SHA\n * Apply/Save. \n \n**_IBM HTTP Server (IHS)_** \n \nUpdate the configuration for the IBM HTTP Server (IHS) included as part of IBM Tivoli Monitoring portal server for versions 6.23 through 6.30 FP1. Note: Portal Server versions 6.20 through 6.22 FP9 are not affected and do not need the change below. \n \nEdit the IBM HTTP Server configuration file httpd.conf: \nWindows: Edit the file <install_dir>/IHS/conf/httpd.conf \nITM 6.2.3 on Linux/AIX: Edit the file <install_dir>/<arch>/iu/ihs/conf/httpd.conf \nITM 6.3.0 on Linux/AIX: Edit the file <install_dir>/<arch>/iu/ihs/HTTPServer/conf/httpd.conf \n \nAdd the following directives to the httpd.conf file to disable RC4 ciphers for each context that contains \"SSLEnable\": \n \nSSLCipherSpec TLS_RSA_WITH_AES_128_CBC_SHA \nSSLCipherSpec TLS_RSA_WITH_AES_256_CBC_SHA \n \nStop and restart the portal server for the changes to take effect. \n \n \n \n**_Portal Server Communication with Portal Clients_** \n \nA configuration change is required when the portal server is configured to use the SSL over IIOP protocol. 
SSL over IIOP is being used if both conditions below are true: \n\n * HTTPS is not being used \n * applet.html file does not have the tep.connection.protocol=http or https AND \n * tep.jnlp file does not have tep.connection.protocol=https \n * the KFW_INTERFACE_cnps_SSL is set to \"Y\" in the portal server environment file (Windows: kfwenv, UNIX/Linux: cq.config) \n \nEdit the portal server configuration file: \nWindows: <install_dir>/CNPS/KFWENV \nLinux/AIX: <install_dir>/config/cq.ini \n \nAdd/modify the following variable: \nITM version 6.30 through 6.30 FP4: \n \nKFW_ORBPARM=-Dvbroker.security.server.socket.enabledProtocols=TLS_Version_1_0_Only -Dvbroker.security.cipherList=TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_DES_CBC_SHA,TLS_DHE_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA \n \nITM version 620 through 6.23 FP5: \nKFW_ORBPARM=-Dvbroker.security.cipherList=TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_DES_CBC_SHA,TLS_DHE_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_DES_CBC_SHA \nStop and restart the portal server for the changes to take effect. \n \n \nNOTE: \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n\n## ", "cvss3": {}, "published": "2018-06-17T15:01:53", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Tivoli Monitoring for Tivoli Storage Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:01:53", "id": "D5A7B25AB9E44D2240950411FA878120A6EDD20A91791012C524AB1D974EAD12", "href": "https://www.ibm.com/support/pages/node/264169", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:45", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" attack for SSL/TLS affects Watson Explorer, Watson Content Analytics, and OmniFind Enterprise Edition.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nCVE-2015-2808 applies to the following products and versions: \n\n * Watson Explorer Foundational Components version 10.0.0.2 and earlier, version 9.0.0.6 and earlier, and version 8.2-4 and earlier\n * Watson Explorer Annotation Administration Console version 10.0.0.2 and earlier\n * Watson Explorer Analytical Components version 10.0.0.2 and earlier\n * Watson Content Analytics version 3.5.0.2 and earlier, version 3.0.0.5 and earlier, version 2.2.0.3 and earlier, and version 2.1.0.2 and earlier\n * OmniFind Enterprise Edition version 9.1.0.5 and earlier\n\n## Remediation/Fixes\n\nFollow these steps to upgrade to the required version of IBM\u00ae Runtime Environment Java\u2122 Technology Edition. \n\nThe table reflects product names at the time the specified versions were released. To use the links to Fix Central in this table, you must first log in to the IBM Support: Fix Central site at <http://www.ibm.com/support/fixcentral/>.\n\n**Affected Product**| **Affected Versions**| **Required IBM Java Runtime**| **How to acquire and apply the fix** \n---|---|---|--- \nIBM Watson Explorer Foundational Components| 10.0 through 10.0.0.2| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24039429>)). \nIf you upgrade to Version 10.0.0.2 after you update IBM Java Runtime, your changes are lost and you must repeat the steps. \n 2. 
Download the IBM Java Runtime, Version 7 package for your edition (Standard, Enterprise, or Advanced) and operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=10.0.0.2&platform=All&function=all#Others>): interim fix **10.0.0.2-WS-WatsonExplorer-<Edition>Foundational-<OS>-7SR9** or later (for example, 10.0.0.2-WS-WatsonExplorer-EEFoundational-Linux-7SR9).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700618>). \nIBM Watson Explorer| 9.0 through 9.0.0.6| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V9.0 Fix Pack 6 (see [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=9.0.0.6&platform=All&function=all>) to download V9.0.0.6 Standard Edition or Enterprise Edition[](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=9.0.0.5-WS-WatsonExplorer-SE-FP001&continue=1>)[](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=9.0.0.5-WS-WatsonExplorer-EE-FP001&continue=1>)). \nIf you upgrade to Version 9.0.0.6 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the IBM Java Runtime, Version 7 package for your edition and operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=9.0.0.4&platform=All&function=all#Others>): interim fix **9.0.0.5-WS-DataExplorer-<Edition>-<OS>-7SR9** or later (for example, 9.0.0.5-WS-DataExplorer-EE-Linux-7SR9).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700618>). 
\nIBM InfoSphere Data Explorer| 8.2 through 8.2-4| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V8.2 Fix Pack 4 (see [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=8.2.4.0&platform=All&function=all>) to download V8.2-4). \nIf you upgrade to Version 8.2.4.0 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the IBM Java Runtime, Version 7 package for your operating system from [Fix Central: ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=8.2.2.0&platform=All&function=all#Other>)interim fix **8.2-3-WS-DataExplorer-<OS>-7SR9** or later (for example, 8.2-3-WS-DataExplorer-Windows-7SR9).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700618>). \nIBM Watson Explorer Foundational Components Annotation Administration Console| 10.0 through 10.0.0.2| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24039429>)). \nIf you upgrade to Version 10.0.0.2 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the 32-bit and 64-bit packages of IBM Java Runtime, Version 7 for IBM Watson Explorer Advanced Edition and your operating system from [Fix Central: ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=10.0.0.2&platform=All&function=all#Others>)interim fix **10.0.0.2-WS-WatsonExplorer-AEAnalytical-<OS>[32]-7SR9 **or later (for example, 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux32-7SR9 and 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux-7SR9).\n 3. 
To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700619>). \nIBM Watson Explorer Analytical Components| 10.0 through 10.0.0.2| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24039430>)). \nIf you upgrade to Version 10.0.0.2 after you configure IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 7 for IBM Watson Explorer Advanced Edition and your operating system from [Fix Central: ](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/InfoSphere+Data+Explorer&release=10.0.0.2&platform=All&function=all#Others>)interim fix **10.0.0.2-WS-WatsonExplorer-AEAnalytical-<OS>[32|31]-7SR9** or later (for example, 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux32-7SR9 and 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux-7SR9).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700620>). \n 4. If you use WebSphere Application Server instead of the embedded web application server, follow the instructions in the security bulletin, [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg21701503>). \nIBM Watson Content Analytics| 3.5 through 3.5.0.2| JVM 7.0 SR9 or later| \n\n 1. If not already installed, install V3.5 Fix Pack 2 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24039428>)). \nIf you upgrade to Version 3.5.0.2 after you configure IBM Java Runtime, your changes are lost and you must repeat the steps. \n 2. 
Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 7 for your operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/IBM+Cognos+Content+Analytics&release=3.5.0.2&platform=All&function=all>): interim fix **3.5.0.2-WT-WCA-<OS>[32|31]-7SR9** or later (for example, 3.5.0.2-WT-WCA-AIX32-7SR9 and 3.5.0.2-WT-WCA-AIX-7SR9).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700621>).\n 4. If you use WebSphere Application Server instead of the embedded web application server, follow the instructions in the security bulletin, [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg21701503>). \nIBM Content Analytics with Enterprise Search| 3.0 through 3.0.0.5| JVM 6.0 SR16-FP4 or later| \n\n 1. If not already installed, install V3.0 Fix Pack 5 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24038808>)). \nIf you upgrade to Version 3.0.0.5 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 6 for your operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/IBM+Cognos+Content+Analytics&release=3.0.0.5&platform=All&function=all>): interim fix **3.0.0.5-WT-ICA-<OS>[32|31]-6SR16FP4** or later (for example, 3.0.0.5-WT-ICA-Linux32-6SR16FP4 and 3.0.0.5-WT-ICA-Linux-6SR16FP4).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700622>).\n 4. 
If you use WebSphere Application Server instead of the embedded web application server, follow the instructions in the security bulletin, [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg21701503>). \nIBM Content Analytics| 2.2 through 2.2.0.3| JVM 6.0 SR16-FP4 or later| \n\n 1. If not already installed, install V2.2 Fix Pack 3 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24033352>)). \nIf you upgrade to Version 2.2.0.3 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 6 for your operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/IBM+Cognos+Content+Analytics&release=2.2.0.3&platform=All&function=all>): interim fix **2.2.0.3-WT-ICA-<OS>[32|31]-6SR16FP4** or later (for example, 2.2.0.3-WT-ICA-AIX32-6SR16FP4 and 2.2.0.3-WT-ICA-AIX-6SR16FP4).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700623>).\n 4. If you use WebSphere Application Server instead of the embedded web application server, follow the instructions in the security bulletin, [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg21701503>). \nIBM Cognos Content Analytics| 2.1 through 2.1.0.2| JVM 6.0 SR16-FP4 or later| \n\n 1. If not already installed, install V2.1 Fix Pack 2 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24028203>)). \nIf you upgrade to Version 2.1.0.2 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. 
Download the 32-bit and 64-bit packages of IBM Java Runtime, Version 6 for your operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/IBM+Cognos+Content+Analytics&release=2.1.0.2&platform=All&function=all#Others>): interim fix **2.1.0.2-WT-ICA-<OS>[32]-6SR16FP4** or later (for example, 2.1.0.2-WT-ICA-AIX32-6SR16FP4 and 2.1.0.2-WT-ICA-AIX-6SR16FP4).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21959215>). \nIBM OmniFind Enterprise Edition| 9.1 through 9.1.0.5| JVM 6.0 SR16-FP4 or later| \n\n 1. If not already installed, install V9.1 Fix Pack 5 (see the Fix Pack [download document](<http://www.ibm.com/support/docview.wss?uid=swg24035824>)). \nIf you upgrade to Version 9.1.0.5 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.\n 2. Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 6 for your operating system from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Watson%2BGroup&product=ibm/Information+Management/IBM+OmniFind+Enterprise+Edition&release=9.1.0.5&platform=All&function=all>): interim fix **9.1.0.5-WT-OEE-<OS>[32|31]-6SR16FP4** or later (for example, 9.1.0.5-WT-OEE-Windows32-6SR16FP4 and 9.1.0.5-WT-OEE-Windows-6SR16FP4).\n 3. To apply the fix, follow the steps in [Updating IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700624>).\n 4. If you use WebSphere Application Server instead of the embedded web application server, follow the instructions in the security bulletin, [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg21701503>). 
\n \n**Note: **The IBM Java Runtime versions referenced in this security bulletin include the fixes for the vulnerabilities identified in [](<http://www.ibm.com/support/docview.wss?uid=swg21700625>)[Vulnerability in IBM Java Runtime](<http://www.ibm.com/support/docview.wss?uid=swg21700625>) (the \u201cFREAK: Factoring attack on RSA-EXPORT keys\"). \n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-17T13:04:51", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Watson Explorer, Watson Content Analytics, and OmniFind Enterprise Edition (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T13:04:51", "id": "FA2F2201782B1543085C54AF885559335008FF5E107BC8B64162CFD984471A77", "href": "https://www.ibm.com/support/pages/node/261049", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-13T09:36:52", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects TS3400.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. 
Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nFirmware versions below 0053.\n\n## Remediation/Fixes\n\nUpdate product to firmware version 0053 or later. \n \nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects TS3400 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-18T00:09:26", "id": "C647AAD0793912354F54C4B8043E2D01E399C4D5A45845600A6C92FFFFA7A81B", "href": "https://www.ibm.com/support/pages/node/690409", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T21:49:06", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects TXSeries for Multiplatforms.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nTXSeries for Multiplatforms V7.1, V8.1 and V8.2\n\n## Remediation/Fixes\n\n \nDownload the respective APAR from IBM Fix Central based on the TXSeries for Multiplatforms version that you have installed. \n \n\n\nTXSeries for Multiplatforms Version | APAR \n---|--- \n7.1 | IV73492 \n8.1 | IV73594 \n8.2 | IV73500 \n \n## Workarounds and Mitigations\n\nTXSeries for Multiplatforms provides an optional configurable capability to enable SSL for its IPIC communication protocol. The RC4 stream cipher is enabled in the default configuration. \n\nTXSeries V7.1.0.4 or higher will support disabling RC4 when it is configured with GSKit version 8.x. The instructions below provide guidance to disable the RC4 stream cipher.\n\n \n\n\n**_TXSeries for Multiplatforms V7.1_**\n\nIf you are on TXSeries for Multiplatforms V7.1, you need to upgrade to Fixpack 4 or higher. Lower fix pack levels do not support disabling RC4.\n\nSteps to disable RC4 (TXSeries V7.1.0.4 or higher)\n\n1\\. Stop the TXSeries region.\n\n2\\. If you have not configured your region to use GSKit version 8.x, set the following variable in the region\u2019s environment file: CICS_GSKIT_VERSION=8\n\nIf your region is already configured with GSKit version 8.x, go to step 3.\n\n(By default, TXSeries 7.1 supports GSKit version 7.x. Refer to the TXSeries infocenter for further configuration details.)\n\n3\\. Set the following environment variable in the region\u2019s environment file: CICS_SP800_131MODE=\"SP800_131MODE\". This will enable SSL FIPS processing mode, which will in turn disable the RC4 stream cipher. \n\n4\\. 
Restart the TXSeries region.\n\n**_TXSeries for Multiplatforms V8.1 and V8.2_**\n\nSteps to disable RC4 (TXSeries V8.1.0.0 or higher)\n\n1\\. Stop the TXSeries region. \n\n2\\. Set the following environment variable in the region\u2019s environment file: \n\nCICS_SP800_131MODE=\"SP800_131MODE\". This will enable FIPS processing mode, which will in turn disable the RC4 stream cipher.\n\n3\\. Restart the TXSeries region.\n\nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects TXSeries for Multiplatforms. (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-08-03T04:23:43", "id": "425D172129BCAE4456CF300C4333C895F0E829F96F33151F464CF26A70D2C2D8", "href": "https://www.ibm.com/support/pages/node/710397", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:12", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM DB2 Recovery Expert for Linux, UNIX, and Windows\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM DB2 Recovery Expert for Linux, UNIX, and Windows V3.1 - V4.1\n\n## Remediation/Fixes\n\nReplace existing JRE with JRE V7 SR9-Fix Pack 1 (<http://www-01.ibm.com/support/docview.wss?uid=swg21639279>). \n\nYou can replace the IBM Runtime Environment, Java\u2122 Technology Edition that is installed with IBM DB2 Recovery Expert for Linux, UNIX, and Windows with the latest IBM Runtime Environment, Java\u2122 Technology Edition following the detailed instructions provided in the tech-note \"[_Updating the JRE for DB2 Recovery Expert for Linux, UNIX and Windows_](<http://www-01.ibm.com/support/docview.wss?uid=swg21644942>)\".\n\n## Workarounds and Mitigations\n\nDisabling RC4. 
This can be achieved by adding RC4 to the list of disabled algorithms defined by the security property \n\n_jdk.tls.disabledAlgorithms_\n\nlocated in the file _<RE install directory>/jre/lib/security/java.security_.\n\nAlternatively, the RC4 cipher can be disabled within the IBM WebSphere Application Server Liberty Profile component that is embedded with Recovery Expert by adding the property definition \n\n_com.ibm.jsse2.sp800-131=transition_\n\nin the file _<RE install directory>/Config/dswebserver.properties_\n\n \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-16T13:10:36", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM DB2 Recovery Expert for Linux, UNIX, and Windows (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T13:10:36", "id": "BDD09DC99F92259DA1EC4EA1111BFCD2837C26C6E19B09E7B530EDEC8D6C298D", "href": "https://www.ibm.com/support/pages/node/261255", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:07", "description": "## Summary\n\nThe RC4 \u201cBar 
Mitzvah\u201d Attack for SSL/TLS affects IBM MessageSight.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5\n\n \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM MessageSight 1.2 and earlier\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM MessageSight_| _1.1_| _IT08200_| 1.1.0.1-IBM-IMA-IFIT08200 \n_IBM MessageSight_| _1.2_| _IT08200_| 1.2.0.0-IBM-IMA-Physical-IFIT08200 \n\n1.2.0.0-IBM-IMA-VirtualEdition-IFIT08200\n\n1.2.0.0-IBM-IMA-SoftLayerVirtual-IFIT08200 \n \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-17T15:12:15", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM MessageSight (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:12:15", "id": "8D32D1F194329BA56AB2404AB16F06BCF8F5CE6BEC3C715F218ECA7ABBA7D4D9", "href": "https://www.ibm.com/support/pages/node/260959", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:17", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" for SSL/TLS may affect some configurations of WebSphere Application Server as a component of IBM Tivoli Netcool Performance Manager . \nNOTE: If you are configured for FIPS140-2, Suite B or SP800-131 in your Security>SSL certificate and key management then you are not affected by this vulnerability or your SSL communication for Liberty. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\nPlease consult the security bulletin [_Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details.\n\n## Affected Products and Versions\n\nAffected Product and Version(s)\n\n| IBM WebSphere Application Server Version \n---|--- \nTivoli Network Performance Manager 1.4| IBM WebSphere version 8.5.0.1 (Bundled in the Jazz for Service Management version 1.1.0.2) \nTivoli Network Performance Manager 1.3.3| IBM WebSphere version 7.0.0.x (Bundled the TIP version 2.1.0.x) \nTivoli Network Performance Manager 1.3.2| IBM WebSphere version 7.0.0.x (Bundled in the TIP version 2.1.0.x) \nTivoli Network Performance Manager 1.3.1| IBM WebSphere version 7.0.0.x (Bundled in the TIP version 2.1.0.x) \n \n## Remediation/Fixes\n\nRemediation is available at the security bulletin [_Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>)\n\n## ", "cvss3": {}, "published": "2018-06-17T15:00:48", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server shipped with Tivoli Netcool Performance Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:00:48", "id": "E6BD4D9CC9EA6DE3F210166CEA8E96D2951AACB38CF97496D3C04EA57B5E2F29", "href": "https://www.ibm.com/support/pages/node/262183", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:41:24", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM InfoSphere Guardium.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)\n\n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM InfoSphere Guardium : V 8.2, 9.x\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Guardium Database Activity Monitoring| 8.2| PSIRT 53185| [_http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_8.2p6008_SecurityUpdate&includeSupersedes=0&source=fc_](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_8.2p6008_SecurityUpdate&includeSupersedes=0&source=fc>) \nInfoSphere Guardium Database Activity Monitoring| 9.x| PSIRT 53185| [_http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6008_SecurityUpdate&includeSupersedes=0&source=fc_](<http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6008_SecurityUpdate&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\n \n**Important note: **IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security site. Security and integrity APARs and associated fixes will be posted to this portal. 
IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk. \n\n## ", "cvss3": {}, "published": "2018-07-16T10:15:46", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Guardium (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-07-16T10:15:46", "id": "23ABE24E8359DA211211D928CA035880A9B388325873C007BF19F1CB5F997D6A", "href": "https://www.ibm.com/support/pages/node/260717", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:38:04", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Developer for System z.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\nRational Developer for System z, versions 8.0.3.x, 8.5.x, 9.0.x and 9.1.x \n\n## Workarounds and Mitigations\n\nBy default Rational Developer for System z relies on System SSL defaults for active cipher suites, and by default, System SSL enables the RC4 cipher suites for SSLv3 and all TLS versions. Note that usage of SSLv3 is not advised due to another vulnerability commonly referred to as \"POODLE vulnerability\". \n \nThe RC4 ciphers in TLS are: \n\n * TLS_RSA_WITH_RC4_40_MD5 (\"03\" or \"0003\") \n * TLS_RSA_WITH_RC4_128_MD5 (\"04\" or \"0004\") \n * TLS_RSA_WITH_RC4_128_MD5 (\"05\" or \"0005\") \n * TLS_ECDH_ECDSA_WITH_RC4_128_SHA (\"C002\") \n * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (\"C007\") \n * TLS_ECDH_RSA_WITH_RC4_128_SHA (\"C00C\") \n * TLS_ECDHE_RSA_WITH_RC4_128_SHA (\"C011\")\n \nYou can explicitly disable the usage of the RC4 ciphers by adding the GSK_V3_CIPHER_SPECS environment variable, ensuring that the environment variable character string does not include ciphers \"03\", \"04\", or \"05\". \nIf environment variable GSK_V3_CIPHERS is set to GSK_V3_CIPHERS_CHAR4 (this must be done explicitly), you can explicitly disable the usage of the RC4 ciphers by adding the GSK_V3_CIPHER_SPECS_EXPANDED environment variable, ensuring that the environment variable character string does not include ciphers \"0003\", \"0004\", \"0005\", \"C002\", \"C007\", \"C00C\", or \"C011\". \n \nRational Developer for System z has two components that utilize System SSL: \n\n * RSE, which is used when a client connects to the host. You must specify the GSK_V3_CIPHER_SPECS environment variable in rsed.envvars, by default located in /etc/rdz. \n * Debug Manager, by means of an AT-TLS policy. 
You must create a file holding the GSK_V3_CIPHER_SPECS environment variable and reference it via the Envfile keyword in the TTLSGroupAdvancedParms section.\n\nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2020-10-27T15:51:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Developer for System z (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2020-10-27T15:51:50", "id": "503FD74F886DBC0A6A5895006871227440411D00C54D147CBFA7D89D5227DB58", "href": "https://www.ibm.com/support/pages/node/260757", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:17", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Netcool/Reporter.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. 
An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \n\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Netcool/Reporter 2.2\n\n## Remediation/Fixes\n\nYou must upgrade your current version of the Netcool/Reporter provided Apache 2.2.22 to include the updated OpenSSL (1.0.1m) which is available from Fix Central via Tivoli Netcool Reporter 2.2.0.9 IF0005, 2.2.0.9-TIV-NCReporter-IF0005. \n\nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nTo disable RC4 in the supplied Apache HTTPD server, in the **http-ssl.conf** file, located under $APACHE_HOME/conf/ or %APACHE_HOME%\\conf\\, locate the following line: \n \n**_SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH_** \n \n...and add the following text to the end of the existing text: \n \n**_:!RC4_** \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-17T15:00:39", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Netcool/Reporter (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:00:39", "id": "68965B30B36EADA4307038F4C06817684A78B4223983AC0AA179EC136618D394", "href": "https://www.ibm.com/support/pages/node/261723", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T17:57:22", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM BladeCenter Switches.\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nProduct | Version \n---|--- \nIBM Virtual Fabric 10GB Switch Module for IBM BladeCenter Firmware Update | Prior to 7.8.6.0 \nIBM 1/10GB Uplink Ethernet Switch Module for Firmware Update | Prior to 7.4.10.0 \nIBM GbESM 1G L2/7 Firmware Update | Prior to 21.0.22.0 \nLayer 2/3 GbESM Firmware Update | Prior to 5.3.7.0 \n \nRefer also to The following IBM Systems products are not affected by the vulnerability in RC4 stream cipher (CVE-2015-2808) Flash (Alert) in Related Information.\n\n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>.\n\nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\nProduct | Fix Version \n---|--- \nIBM Virtual Fabric 10GB Switch Module for IBM BladeCenter Firmware Update | 7.8.6.0 \nIBM 1/10GB Uplink Ethernet Switch Module for Firmware Update | 7.4.10.0 \nIBM GbESM 1G L2/7 Firmware Update | 21.0.22.0 \nLayer 2/3 GbESM Firmware Update | 5.3.7.0 \n \n## Workarounds and Mitigations\n\nNone.\n\n## Reference\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[FLASH (Alert) IBM Systems products not affected by RC4 stream cipher](<http://www-01.ibm.com/support/docview.wss?uid=isg3T1022180>) \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n15 June 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM BladeCenter Switches (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2023-04-14T14:32:25", "id": "6D1260ED9EDDCDB5037EC1727A9F750274D0B23A082563C4B6104D9F7B30E4AE", "href": "https://www.ibm.com/support/pages/node/867356", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T18:17:34", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d attack for SSL/TLS affects IBM WebSphere Application Server that is used by WebSphere Process Server (WPS) and WPS Hypervisor editions.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n * WebSphere Process Server V7.0\n * WebSphere Process Server Hypervisor Editions V6.2, V7.0\n\nFor earlier unsupported versions of the above products IBM recommends upgrading to a fixed, supported version of the products.\n\n## Remediation/Fixes\n\nPlease consult the security bulletin [_Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details and information about fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-09-15T18:50:52", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Process Server (WPS) and WPS Hypervisor editions (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-09-15T18:50:52", "id": "473509F5DF0045B5F52A40451D21440972E002841BC6988B77B1C5297FC47A53", "href": "https://www.ibm.com/support/pages/node/261477", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T17:59:52", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for 
SSL/TLS affects IBM SAN Volume Controller and Storwize Family\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)\n\n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SAN Volume Controller \nIBM Storwize V7000 \nIBM Storwize V5000 \nIBM Storwize V3700 \nIBM Storwize V3500 \n \nAll products are affected when running code releases 1.1 to 7.4.\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code level or higher: \n \n7.3.0.10 \n7.4.0.4 \n \n[_Latest SAN Volume Controller Code_](<http://www-01.ibm.com/support/docview.wss?rs=591&uid=ssg1S1001707>) \n[_Latest Storwize V7000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003705>) \n[_Latest Storwize V5000 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004336>) \n[_Latest Storwize V3700 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004172>) \n[_Latest Storwize V3500 Code_](<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004171>)\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, 
you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2023-03-29T01:48:02", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM SAN Volume Controller and Storwize Family (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2023-03-29T01:48:02", "id": "E0EEC718E264F9F31B64117E5961FA40938A5D5DBBEFFE6D0ED5DEB15CB03713", "href": "https://www.ibm.com/support/pages/node/690433", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:48:54", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM\u00ae SDK Java\u2122 Technology Edition, Version 6.0.16.2, that is supplied with specific versions of Rational Lifecycle Integration Adapter for HP ALM. \n\n## Vulnerability Details\n\n**CVEID:**[](<https://vulners.com/cve/CVE-2015-2808>)** **[CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION****:**The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. 
Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\nIBM Rational Lifecycle Integration Adapter for HP ALM 1.1.2 and 1.1.2.1\n\n## Remediation/Fixes\n\n \nThe fix is available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/Rational+Lifecycle+Integration+Adapters+Tasktop+Edition&release=1.1.3.1&platform=All&function=fixId&fixids=Rational-RLIA_Tasktop-JavaPatch-Java60163&includeSupersedes=0>). \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \nTo update IBM Rational Lifecycle Integration Adapter with a corrected JRE, follow the instructions below. Depending on how you deployed the products, and depending on your usage scenarios, you might need to upgrade the IBM SDK, Java Technology Edition in IBM WebSphere Application Server and Apache Tomcat. Be sure to upgrade all the components that you use in your deployment. \n \n**NOTE**: IBM SDK, Java Technology Edition is only included in IBM Rational Lifecycle Integration Adapter version 1.1.2 and 1.1.2.1. 
Previous versions of the Rational Lifecycle Integration Adapter Standard Edition HP Adapter were released as WAR files only. Please consult the application server documentation for updating the IBM SDK, Java Technology Edition. \n \n**Upgrading the JRE for a WebSphere Application Server installation** \nIf your products are deployed on WebSphere Application Server, [_Java SDK Upgrade Policy for the IBM WebSphere Application Server_](<http://www.ibm.com/support/docview.wss?uid=swg21138332>) lists IBM SDK, Java Technology Edition upgrades that are available. Also check the [_Product Security Incident Response Blog_](<https://www.ibm.com/blogs/psirt/>) for any recent security bulletins for WebSphere Application Server that may have fixpacks or interim fixes for the JRE. \n \n**Upgrading the IBM SDK, Java Technology Edition for a Tomcat installation**\n\n1\\. Stop the Rational Lifecycle Integration Adapter server. \n \n**Note**: The applications may be running in different application server instances or using a delegated converter. \n\n2\\. Go to the original installation directory, and rename the /jre folder \n \n<InstallDir>/server/jre \n \nto \n \n<InstallDir>/server/jre-Original \n \nThis ensures that the original JRE is kept as a backup in the event a restore is required. \n \nExample (Linux): \n`mv <OrigInstallDir>/server/jre <OrigInstallDir>/server/jre-Original`\n\n3\\. Extract the new JRE archive provided by support to the Installation directory. \n \nExample (Linux): \n`unzip <newInstallZip> -d <InstallDir>/server/`\n\n4\\. Remove the Apache Tomcat temporary files in the following directories: \n \n`<OrigInstallDir>/server/tomcat/temp \n<OrigInstallDir>/server/tomcat/work/Catalina/localhost`\n\n5\\. 
Restart the Rational Lifecycle Integration Adapter server\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T05:01:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T05:01:50", "id": "0CE78FD0AA4F9E438951AED1255152FA47A49E273E383BFE64802175FB795345", "href": "https://www.ibm.com/support/pages/node/262223", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:55", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM WebSphere Cast Iron Solution(CVE-2015-2808)\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \nDESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThis vulnerability affects all versions of the product \nWebSphere Cast Iron v 7.0,0,x, \nWebSphere Cast Iron v 6.4.0.x \nWebSphere Cast Iron v 6.3.0.x \nWebSphere Cast Iron v 6.1.0.x \nWebSphere Cast Iron v 6.0.0.x \n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nCast Iron Appliance| 7.*| LI78552| [iFix 7.0.0.2-CUMUIFIX-011](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.scrypt2,7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.vcrypt2,7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.32bit.sc-linux,7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.32bit.sc-win,7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.sc-linux,7.0.0.2-WS-WCI-20150420-1128_H10_64-CUMUIFIX-011.sc-win,7.0.0.2-WS-WCI-20150420-1521_H8_64-CUMUIFIX-011.32bit.studio,7.0.0.2-WS-WCI-20150420-1521_H8_64-CUMUIFIX-011.studio&includeSupersedes=0>) \nCast Iron Appliance| 6.4.0.x| LI78552| [iFix 6.4.0.1-CUMUIFIX-028](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.4.0.1&platform=All&function=fixId&fixids=6.4.0.1-WS-WCI-20150420-1612_H6-CUMUIFIX-028.scrypt2,6.4.0.1-WS-WCI-20150420-1612_H6-CUMUIFIX-028.vcrypt2,6.4.0.1-WS-WCI-20150420-1706_H5-CUMUIFIX-028.studio&includeSupersedes=0>) \nCast Iron Appliance| 6.3.0.x| LI78552| [iFix 
6.3.0.2-CUMUIFIX-013](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.3.0.2&platform=All&function=fixId&fixids=6.3.0.2-WS-WCI-20150420-1521_H4-CUMUIFIX-013.scrypt2,6.3.0.2-WS-WCI-20150420-1521_H4-CUMUIFIX-013.vcrypt2,6.3.0.2-WS-WCI-20150420-1606_H5-CUMUIFIX-013.studio&includeSupersedes=0>) \nCast Iron Appliance| 6.1.0.x| LI78552| [iFix 6.1.0.15-CUMUIFIX-020](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.1.0.15&platform=All&function=fixId&fixids=6.1.0.15-WS-WCI-20150420-1501_H3-CUMUIFIX-020.vcrypt2,6.1.0.15-WS-WCI-20150420-1501_H3-CUMUIFIX-020.scrypt2,6.1.0.15-WS-WCI-20150420-1525_H5-CUMUIFIX-020.studio&includeSupersedes=0>) \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nCustomers on Cast Iron v6.0.0.x should contact IBM Support for migrating to one of the remediated releases. \n\nAppliance is upgraded with script changes.\n\n \nFor Studio and Secure connectors, to disable the RC4 stream cipher do the following: \n \nStudio \nGo to the location where Studio is installed \n<installation directory>\\jre\\lib\\security\\java.security \nAdd RC4 to the list of disabled TLS algorithms specified by the property jdk.tls.disabledAlgorithms. 
For example: \njdk.tls.disabledAlgorithms=SSLv3, RC4 \n \n \nFor Secure connectors \nGo to the location where the secure connector is installed \nWindows: <installation directory>\\jre\\jre\\lib\\security\\java.security \nLinux: <installation directory>\\jre\\lib\\security\\java.security \n \nAdd RC4 to the list of disabled TLS algorithms specified by the property jdk.tls.disabledAlgorithms. For example: \njdk.tls.disabledAlgorithms=SSLv3, RC4 \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:58", "type": "ibm", "title": "Security Bulletin:Vulnerability in RC4 stream cipher affects IBM WebSphere Cast Iron Solution (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:58", "id": "17F901C3FEA725FC15B2387D43D90FAABF26EE57375E75CD49ABE4E696534914", "href": "https://www.ibm.com/support/pages/node/262261", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:48:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Tau.\n\n## Vulnerability 
Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n4.3, 4.3.0.1, 4.3.0.2, 4.3.0.3, 4.3.0.4, 4.3.0.5, 4.3.0.6, 4.3.0.6 Interim Fix 1, 4.3.0.6 Interim Fix 2\n\n## Remediation/Fixes\n\nUpgrade to [Rational Tau Interim Fix 3 for 4.3.0.6](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FRational&product=ibm/Rational/IBM+Rational+Tau&release=4.3.0.6&platform=All>)\n\n## Workarounds and Mitigations\n\nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2018-06-17T05:01:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Tau (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T05:01:43", "id": "628C9425E5431BE9014057AFDFA6432B71F3CD61D1B5A6D4BCC34623DE9C8567", "href": "https://www.ibm.com/support/pages/node/261149", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-10-18T15:03:49", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the IBM Installation Manager and IBM Packaging Utility\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Installation Manager and IBM Packaging Utility versions 1.8.2.1 and earlier.\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM Installation Manager and IBM Packaging Utility_| _1.7.4.x_| _None_| [_1.7.4.2 IBM Installation Manager Remediation_](<http://www.ibm.com/support/docview.wss?uid=swg24039825>) \n[_1.7.4.2 IBM Packaging Utility Remediation_](<http://www.ibm.com/support/docview.wss?uid=swg24039827>) \n\n\n_Please note that the 1.7.4.2 fix is intended for upgrade of 1.7.4.1 and earlier versions which continue support on platforms that are NOT supported by 1.8 or later versions._\n\n \n_Users running 1.7.4.1 or earlier version on platforms that ARE supported by 1.8.x version, should upgrade to 1.8.2.1 and implement the work around described below._ \n_Installation Manager and IBM Packaging Utility_| _1.8.x_| _None_| _See 1.8.x work around below_ \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\n \n_IBM Installation Manager 1.8.x work around_: \n \nTo work around the RC4 Bar Mitzvah security vulnerability in IBM Installation Manager version 1.8.x, update the **java.security** file to add the **RC4** string to the list of disabled TLS algorithms identified by the **jdk.tls.disabledAlgorithms** Java property. \n \nFor example: \n**jdk.tls.disabledAlgorithms**=SSLv3, **RC4** \n \nYou will find the **java.security** file in the following folder, by platform: \nAIX Platforms: \n<Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/ \nHP-UX Platforms: \n<Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/ \nLinux and Solaris Platforms: \n<Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/ \nWindows Platforms: \n<Installation Manager install_dir>\\eclipse\\jre_<version>\\jre\\lib\\security\\ \nMac OSX Platforms: \n<Installation Manager install_dir>/eclipse/jre_<version>/jre/Contents/Home/lib/security/ \n \n \n_IBM Packaging Utility 1.8.x work around_: \n \nTo work around the RC4 Bar Mitzvah security vulnerability in IBM Packaging Utility version 1.8.x, update the **java.security** file to add the **RC4** string to the list of disabled TLS algorithms identified by the **jdk.tls.disabledAlgorithms** Java property. \n \nFor example: \n**jdk.tls.disabledAlgorithms**=SSLv3, **RC4** \n \nYou will find the **java.security** file in the following folder, by platform: \nAIX Platforms: \n<Packaging Utility install_dir>/jre/lib/security/ \nLinux and Solaris Platforms: \n<Packaging Utility install_dir>/jre/lib/security/ \nWindows Platforms: \n<Packaging Utility install_dir>\\jre\\lib\\security\\ \nMac OSX Platforms: \n<Packaging Utility install_dir>/jre/Contents/Home/lib/security/ \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {}, "published": "2021-10-25T12:12:53", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects the IBM Installation Manager and IBM Packaging Utility (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-10-25T12:12:53", "id": "A89F1187EBB4D71E87F412A322E2529123CF9AAAB43003376056C4FAE55E8A3D", "href": "https://www.ibm.com/support/pages/node/262565", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:12", "description": "## Summary\n\nVulnerability in RC4 stream cipher affects GSKit shipped with IBM Tivoli Network Manager IP Edition \nand IBM WebSphere Application Server shipped as a component of Tivoli Network Manager IP Edition. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n**_Tivoli Network Manager IP Edition Interim Fixes for GSKit:_** \n**Note:** The SSL connection between Tivoli Network Manager IP Edition and Tivoli Netcool/OMNIbus is affected. Single server SSL users should upgrade to an appropriate OMNIbus fixpack to obtain the GSKit fix. Remote OMNIbus SSL connection users should install the Interim Fix below on Tivoli Network Manager IP Edition. \n\n\n**_Affected Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nTivoli Network Manager IP Edition| 3.8.0.7| IV71123 & IV76121| <http://www.ibm.com/support/docview.wss?uid=swg24040692> \nTivoli Network Manager IP Edition| 3.9.0.4| IV71123 & IV76121| <http://www.ibm.com/support/docview.wss?uid=swg24040692> \nTivoli Network Manager IP Edition| 4.1.0| IV71123 & IV76121| <http://www.ibm.com/support/docview.wss?uid=swg24040692> \nTivoli Network Manager IP Edition| 4.1.1.1| IV71123 & IV76121| <http://www.ibm.com/support/docview.wss?uid=swg24040692> \n \n**_IBM WebSphere Application Server fixes:_** \n[**Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)**](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) \nNote: If TIP has been upgraded, please follow the TIP security bulletin to upgrade the appropriate IBM WebSphere version. 
**_Affected Product and Version(s)_**| **_Product and Version shipped as a component_** \n---|--- \nTivoli Network Manager IP Edition 3.8| Bundled the TIP version 1.1.1.x, IBM WebSphere version 6.1.0.x and the JRE from IBM SDK Java 2 Technology Edition Version 5. \nTivoli Network Manager IP Edition 3.9| Bundled the TIP version 2.1.0.x, IBM WebSphere version 7.0.0.x and the JRE from IBM SDK Java 2 Technology Edition Version 6. \nTivoli Network Manager IP Edition 4.1| Bundled the TIP version 2.2.0.x, IBM WebSphere version 7.0.0.x and the JRE from IBM SDK Java 2 Technology Edition Version 6. \nTivoli Network Manager IP Edition 4.1.1| Bundled the TIP version 2.2.0.x, IBM WebSphere version 7.0.0.x and the JRE from IBM SDK Java 2 Technology Edition Version 6. \n \n## ", "cvss3": {}, "published": "2018-06-17T15:09:03", "type": "ibm", "title": "Security Bulletin:A security vulnerability has been identified in Tivoli Network Manager IP Edition and IBM WebSphere Application Server shipped with Tivoli Network Manager IP Edition. (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:09:03", "id": "E5543978D844005507FB55966F094307DA1862D0D17039C427B77E7779FCBCA7", "href": "https://www.ibm.com/support/pages/node/265735", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:55", "description": "## Summary\n\nIBM DB2 is shipped as a component of WebSphere Remote Server. 
Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the security bulletin [**_Vulnerability in RC4 stream cipher affects IBM DB2 LUW (CVE-2015-2808)._**](<http://www.ibm.com/support/docview.wss?uid=swg21717865>)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)| Affected Supporting Product and Version \n---|--- \nWebSphere Remote Server version V6.2, 6.2.1, 7.0, 7.1, 7.1.1, 7.1.2, 8.5| IBM DB2 Workgroup Server Edition V9.5, 9.7, 10.1, 10.5 \n \n## ", "cvss3": {}, "published": "2018-06-15T07:02:57", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote Server (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:57", "id": "5CAC33E06E2C656A8F0F2B3DD8616A6C1527F08B2D322F61DBC7614925A11B76", "href": "https://www.ibm.com/support/pages/node/261785", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:14", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects IBM Fabric Manager.\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in 
the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\n * IBM Fabric Manager 4.1.00.24 and prior versions.\n\n## Remediation/Fixes:\n\nIBM recommends updating to version 4.1.02.0031 or later. Firmware updates are available through IBM Fix Central - <http://www.ibm.com/support/fixcentral/>.\n\nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations:\n\nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\nThe use of RC4 by IFM can be avoided by disabling RC4 in your web browser and on any CMM, AMM, IMM1, and IMM2 managed by IFM.\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n06 May 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:55:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Fabric Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:55:01", "id": "529213275AB0084481F4027FC9CD99DBED29847032C18D70158670101E71F495", "href": "https://www.ibm.com/support/pages/node/866740", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:55:03", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM CICS Transaction Gateway.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)\n\n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n \n \nThe vulnerability in CICS TG can be closed by configuring CICS TG to use updated releases of Java. Updated JREs containing the Java fix for CVE-2015-2808, for use with CICS TG, can be found at: \n[http://www.ibm.com/support/fixcentral/swg/identifyFixes?query.parent=ibm~Other software&query.product=ibm~WebSphere~CICS Transaction Gateway for Multiplatforms&query.release=All&query.platform=All ](<http://www.ibm.com/support/fixcentral/swg/identifyFixes?query.parent=ibm~Other%20software&query.product=ibm~WebSphere~CICS%20Transaction%20Gateway%20for%20Multiplatforms&query.release=All&query.platform=All>)\n\n## Affected Products and Versions\n\nCICS Transaction Gateway for Multiplatforms and Desktop Edition V9.1 and earlier.\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nThe use of RC4 stream ciphers by CICS Transaction Gateway can be prevented by configuring CICS TG to only accept more secure cipher suites. This can be done by listing the acceptable cipher suites using the ciphersuites parameter in the ctg.ini file, or by adding the acceptable cipher suites to the \"Use only these ciphers\" suites in the \"SSL settings\" section of the CICS TG configuration tool. \nSee the [CICS TG for Multiplatforms Knowledge Center](<http://www-01.ibm.com/support/knowledgecenter/SSZHFX_8.0.0/ctgwin/ccl11rss01.html?lang=en>) for more details.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM CICS Transaction Gateway (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", 
"exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:56", "id": "3DFEA15BF11806408F2986400E2862AA843E82180A4AA3FC77574EC959A22588", "href": "https://www.ibm.com/support/pages/node/261405", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T21:44:49", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the IBM FlashSystem 900.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM FlashSystem 900 including machine type and models (MTMs) for all available code levels. 
MTMs affected include 9843-AE2 and 9840-AE2.\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nFlashSystem 900 MTMs: \n\n9840-AE2\n\n9843-AE2\n\n| The VRMF of the present code level is 1.2.0.11, and while RC4 is enabled by default, it supports the workaround described below. A code fix which disables RC4 as a default is being developed, but is not presently available. | None | \n\nThis issue is fixed in 1.2.1.8 firmware.\n\nThe only way to address this vulnerability in older firmware is by use of the workaround described in the following section. \n \n \nIBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n_IBM recommends upgrading to a fixed, supported version/release/platform of the product as soon as it is available. _\n\n_**This vulnerability is first fixed in 1.2.1.8.**_\n\n## Workarounds and Mitigations\n\nThe default security_level setting of the SSL protocol is 1, and RC4 is enabled when the security_level is at this default value of 1. But the user can increase the security level of the SSL protocol from 1 to either 2 or 3 by issuing the following command from the CLI, replacing words in italics with actual values:\n\nsvctask chsecurity \u2013sslprotocol _security_level_\n\n \nTo view the security level, issue svcinfo lssecurity \n \nHere is what the security level settings mean: \n\u00b7 1 disallows SSL 3.0 \n\u00b7 2 allows TLS 1.2 only \n\u00b7 3 additionally disallows TLS 1.2 cipher suites that are not exclusive to 1.2 \n \nAt whatever security level you choose to operate, you should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take any necessary precautions.\n\n## ", "cvss3": {}, "published": "2019-01-03T20:50:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM FlashSystem 900 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-03T20:50:01", "id": "D706DF72021A516F2E16751F556C146ECBCF213599825F1415A61FFD8BAA8B47", "href": "https://www.ibm.com/support/pages/node/690449", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:48:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Rational Directory Server and Administrator.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Product**\n\n| **Version** \n---|--- \nRational Directory Server (Tivoli) | 5.2 - 5.2.1_iFix006 \nRational Directory Server (Apache)| 5.1.1 - 5.1.1.2_iFix007 \n \n## Remediation/Fixes\n\n \n\n\n**Product**| **Download link** \n---|--- \nIBM Rational Directory Server 5.2 (Tivoli) and above| [RDS 5.2.1 iFix07](<http://www-01.ibm.com/support/docview.wss?uid=swg24039818>) \nIBM Rational Directory Server 5.1.1 (Apache) and above| [RDS 5.1.1.2 iFix08](<http://www-01.ibm.com/support/docview.wss?uid=swg24039817>) \n \nNOTE: You should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \n_For __Rational Directory Server and Administrator, versions prior to 5.2 (Tivoli) and 5.1.1 (Apache)__ __IBM recommends upgrading to supported version of the product._\n\n## Workarounds and Mitigations\n\nFor IBM Tivoli Directory Server, certain configuration changes are required to mitigate this issue. \n \n1\\. Go to the **tdsadmin **Instance folder \n\n\na. For Windows based system: Go to folder location `C:\\idsslapd-tdsadmin\\etc` \n \nb. For UNIX based system: Go to folder location `<RDS Install Location>/Instance/idsslapd-tdsadmin/etc` \n2\\. Take a backup of the file **ibmslapd.conf** \n \n3\\. Open the file for editing. \n \n4\\. Search for **ibm-slapdSslCipherSpec** \n \n5\\. Under this attribute, comment all ciphers that start with RC4. 
Your sample **ibmslapd.conf **should look like this \n\n\n`#ibm-slapdSslCipherSpec: RC4-128-MD5`\n\n`#ibm-slapdSslCipherSpec: RC4-128-SHA`\n\n`ibm-slapdSslCipherSpec: AES`\n\n`ibm-slapdSslCipherSpec: AES-128`\n\n`ibm-slapdSslCipherSpec: TripleDES-168`\n\n`ibm-slapdSslCipherSpec: DES-56`\n\n`#ibm-slapdSslCipherSpec: RC4-40-MD5`\n\n`#ibm-slapdSslCipherSpec: RC2-40-MD5`\n\n \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2018-06-17T05:01:46", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Directory Server (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T05:01:46", "id": "39260C4459A850B23421A419691F8C7107560E2D42FA5FC92CB5EC47066032C6", "href": "https://www.ibm.com/support/pages/node/261349", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:51:50", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects OpenSSL. OpenSSL is used by IBM InfoSphere Master Data Management. 
IBM InfoSphere Master Data Management has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID: **[**_CVE-2015-2808_**](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION: **The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThese vulnerabilities are known to affect the following offerings: \n \nIBM Initiate Master Data Service versions 8.1, 9.0, 9.2, 9.5, 9.7, 10.0, 10.1 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Patient Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Provider Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master 
Data Management Patient Hub version 10.0 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Provider Hub version 10.0 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.0 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and [_Enterprise Integrator Toolkit_](<http://pic.dhe.ibm.com/infocenter/initiate/v9r5/topic/com.ibm.release_notes.doc/topics/r_release_notes_GAenterprise_integrator_toolkit.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.3 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.4 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component)\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available. 
\n \n\n\n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nIBM Initiate Master Data Service | \n\n8.1\n\n| None| [8.1.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=8.1.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.0\n\n| None| [9.0.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.0.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.2\n\n| None| [9.2.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.2.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.5\n\n| None| [9.5.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.5.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| \n\n9.5\n\n| None| [9.5.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.5.042215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.5\n\n| None| 
[9.5.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.5.042215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service | \n\n9.7\n\n| None| [9.7.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.7.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub \n| \n\n9.7\n\n| None| [9.7.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.7.042215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| \n\n9.7\n\n| None| [9.7.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.7.042215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| \n\n10.0\n\n| None| [10.0.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.0.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Patient Hub | \n\n10.0\n\n| None| 
[10.0.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=10.0.042215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Provider Hub| \n\n10.0\n\n| None| [10.0.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=10.0.042215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| \n\n10.1\n\n| None| [10.1.042215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.1.042215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>)_ _ \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.0\n\n| None| [11.0-FP03](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.0.0.3-MDM-SAE-FP03IF001&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.3\n\n| None| [11.3-FP02](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.3.0.2-MDM-SE-AE-FP02IF001&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| \n\n11.4\n\n| None| 
[11.4-FP02](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.4.0.2-MDM-SE-AE-FP02IF003&includeSupersedes=0&source=fc>) \n \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {}, "published": "2018-06-16T14:01:24", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Master Data Management (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T14:01:24", "id": "C50FF070A20ABD3F0B4EE852D4B83CD940072690A44147C24C79AA0ABFB03AA2", "href": "https://www.ibm.com/support/pages/node/261489", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:17", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Tivoli Storage Manager FastBack for Workstations. 
The TSM FastBack for Workstations Central Administration Console (CAC) has a security vulnerability in the underlying IBM WebSphere and IBM WebSphere Liberty Server. Tivoli Storage Manager FastBack for Workstations (client) is affected when using WinHttp connections to a remote WebDav backup server. Since the cipher can be negotiated down to RC4 the CAC and client application are both affected.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following versions of Tivoli Storage Manager for Workstations Central Administration Console are affected: \n7.1.0.0 through 7.1.2.n \n6.3.0.0 through 6.3.1.0 \n \nThe following versions of Tivoli Storage Manager for Workstations (client) are affected: \n7.1.0.0 through 7.1.2.n \n6.3.0.0 through 6.3.1.12\n\n## Remediation/Fixes\n\n**Tivoli Storage Manager FastBack for WorkStations Central Administration Console**\n\n| **First Fixing VRMF Level**| **Client \nPlatform**| **Link to Fix / Fix Availability Target** \n---|---|---|--- \n7.1| 7.1.3.0| Windows \n\n\nx86 \n \n \n \n \n \n \nx64\n\n| 
[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x86_windows&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x86_windows&includeSupersedes=0&source=fc>) \n \n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x64_windows&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x64_windows&includeSupersedes=0&source=fc>) \n6.3| 6.3.1.1| Windows| `[http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Storage+Manager+FastBack+for+Workstations&fixids=6.3.1.1-TIV-FB4WKSTNS-CAC_windows&source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Storage+Manager+FastBack+for+Workstations&fixids=6.3.1.1-TIV-FB4WKSTNS-CAC_windows&source=SAR>)` \n**Tivoli Storage Manager FastBack for WorkStations Client**| **First Fixing VRMF Level**| **Client \nPlatform**| **Link to Fix / Fix Availability Target** \n---|---|---|--- \n7.1| 7.1.3.0| Windows \n\n\nx86\n\n \n \n \n \n\n\nx64\n\n| 
[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3-TIV-FB4WKSTNS-x86_windows-FP0000&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3-TIV-FB4WKSTNS-x86_windows-FP0000&includeSupersedes=0&source=fc>) \n \n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3-TIV-FB4WKSTNS-x64_windows-FP0000&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3-TIV-FB4WKSTNS-x64_windows-FP0000&includeSupersedes=0&source=fc>) \n6.3| 6.3.1.13| Windows \n\n\nx86 \n \n \n \n \n \nx64\n\n| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=6.3.1-TIV-FB4WKSTNS-x86_windows-FP0013&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=6.3.1-TIV-FB4WKSTNS-x86_windows-FP0013&includeSupersedes=0&source=fc>) \n 
\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=6.3.1-TIV-FB4WKSTNS-x64_windows-FP0013&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=6.3.1-TIV-FB4WKSTNS-x64_windows-FP0013&includeSupersedes=0&source=fc>) ` \n` \n \n## Workarounds and Mitigations\n\n \nTivoli Storage Manager FastBack for Workstations Central Administration Console \n\nVersion 6.3, 7.1.0 You will need to remove any of the ciphers that begin with SSL_* or TLS_* and contain RC4 in the name from your WebSphere Application Server SSL configuration. \n \nYou can view the administrative console page to change the settings, click **Security > SSL certificate and key management**. Under Configuration settings, click** Manage endpoint security configurations > {Inbound | Outbound} > ****_ssl_configuration_**. Under Related items, click **SSL configurations > **. Click on {_SSL_configuration_name_ }. Under **Additional Properties**, click **Quality of protection (QoP) settings**. \nPerform a restart on the Tivoli Integrated Portal Service after saving the setting above. \nVersion 7.1.1, 7.1.2 \n1\\. Open the java.security file for editing. The file will be located in the Tivoli Storage Manager FastBack for Workstations Central Administration Console install directory\\java\\jre\\lib\\security. \n2\\. Add the following line to the file: jdk.tls.disabledAlgorithms=RC4 \n3\\. In Control Panel -> Administrative Tools -> Service, stop and then restart the TSM FastBack for Workstations Central Administration Console service \nTivoli Storage Manager FastBack for Workstations (client): \n\nBased on the Microsoft document: (<http://support.microsoft.com/en-us/kb/245030>) \n1\\. 
Open the registry and look under HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\Schannel\\Ciphers\\ \n2\\. For each RC4 cipher, create the following registry key if it does not exist: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\Schannel\\Ciphers\\RC4 XXX/XXX (for example, RC4 128/128, RC4 40/128, RC4 56/128, etc.) \n3\\. Create a DWORD value named Enabled in the above-mentioned key and set its value to 0. This is a computer-wide setting and will impact any application that uses the Microsoft WinHttp functions. \n \nA WebDav administrator should also be able to disable any RC4 cipher on the WebDav server, which will eliminate the client vulnerability. \nAt this point the application will not allow RC4 ciphers. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-17T15:00:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli Storage Manager FastBack for Workstations (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:00:01", "id": "F77AF913D00FF008F39C866466CF92B3C47B41BA40E5A20F74C8BBCB097539FC", "href": "https://www.ibm.com/support/pages/node/260723", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T14:22:00", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM DataPower Gateway Appliances.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)\n\n \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAll DataPower products and versions that are configured to perform SSL/TLS transactions.\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nDisable RC4 ciphers in the DataPower configuration by following the steps below. \n \nFirst, quiesce all domains and services to stop traffic to the appliance. The system quiesce and unquiesce commands can be invoked by navigating to Administration --> Main --> System Control. \n \nNext, select Objects --> Crypto Configuration --> Crypto Profile in the left navigation pane. For every configured crypto profile object, on the \"Configure Crypto Profile\" page, append \":!RC4\" to the existing string in the \"Ciphers\" parameter. Click Apply. \n \nFor example, with a default configuration, the update looks like this: \nDefault cipher string: HIGH:MEDIUM:!aNULL:!eNULL:@STRENGTH \nRC4 disabled cipher string: HIGH:MEDIUM:!aNULL:!eNULL:@STRENGTH**:!RC4** \n \nNote that RC4 must be disabled in all the Crypto Profile objects configured in all the domains. \n \nTo disable RC4 in the Web Management and XML Management interfaces, refer to [_Disable RC4 in DataPower Web management and XML management services_](<http://www-01.ibm.com/support/docview.wss?uid=swg21712036>). 
\n\nIf you have configured WebSphere JMS or Tibco EMS objects, refer to [_Disable RC4 in DataPower WebSphere Java Message Service (JMS)._](<http://www-01.ibm.com/support/docview.wss?uid=swg21717540>)\n\nIf you have configured WebSphere MQ objects, refer to [_Disable RC4 in DataPower MQ Queue Manager objects._](<http://www-01.ibm.com/support/docview.wss?uid=swg21713632>)\n\n \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {}, "published": "2021-06-08T22:18:27", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM DataPower Gateway Appliances (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-06-08T22:18:27", "id": "18446F3D4547367B41578EB59FDF2A44E030BACDA28F49D9EEAAAAFDE99573DB", "href": "https://www.ibm.com/support/pages/node/260869", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:50:48", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects MegaRAID Storage Manager. 
MegaRAID Storage Manager has addressed the vulnerability.\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack.\"\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nMegaRAID Storage Manager | 15.03.01.00 \n \n## Remediation/Fixes:\n\nIt is recommended to update to the firmware level listed below, or a later version. Firmware updates are available through IBM Fix Central: <http://www.ibm.com/support/fixcentral/>.\n\nProduct | Fixed Version \n---|--- \nMegaRAID Storage Manager \nibm_utl_msm_15.05.01.51_linux_32-64 \nibm_utl_msm_15.05.01.51_windows_32-64 | 15.05.01.51 \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n22 March 2016: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects MegaRAID Storage Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T02:25:02", "id": "86D995E73BA4BDC3330D3CB68C5C2C56FC15C38B79FB0E59DD5BC66B83F871EC", "href": "https://www.ibm.com/support/pages/node/868396", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:50:58", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Security Directory Integrator\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Tivoli Directory Integrator 6.1.1 \nIBM Tivoli Directory Integrator 7.0 \nIBM Tivoli Directory Integrator 7.1 \nIBM Tivoli Directory Integrator 7.1.1 \nIBM Security Directory Integrator 7.2 \n\n## Remediation/Fixes\n\nAffected Products and Versions| Fix availability \n---|--- \nTDI 6.1.1| [7.0.0-TIV-TDI-LA0023](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24039869>) \nTDI 7.0| [7.0.0-TIV-TDI-LA0023](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24039869>) \nTDI 7.1| [7.1.0-TIV-TDI-LA0017](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24039871>) \nTDI 7.1.1| [7.1.1-TIV-TDI-LA0026](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24039870>) \nSDI 7.2| [7.2.0-TIV-TDI-LA0007](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24039872>) \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions \n\n## ", "cvss3": {}, "published": "2018-06-16T21:23:56", "type": "ibm", "title": "Security Bulletin:Vulnerability in RC4 stream cipher affects IBM Security Directory Integrator (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T21:23:56", "id": "86569DC1304F95D744865045A81A6FAA23B9E1424022D3523E5E95B8B420B3BA", "href": "https://www.ibm.com/support/pages/node/262315", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:52:16", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah\" Attack for SSL/TLS affects Integrated Management Module 2 (IMM2).\n\n## Vulnerability Details\n\n**CVE-ID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**Description:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. 
Successful exploitation could allow an attacker to obtain sensitive information.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nAll IMM2 firmware releases prior to v4.90 for these systems:\n\n * System x3100 M4, type 2582\n * System x3100 M5, type 5457\n * System x3250 M4, type 2583\n * System x3250 M5, type 5458\n * System x3300 M4, type 7382\n * System x3500 M4, type 7383\n * System x3530 M4, type 7160\n * System x3550 M4, type 7914\n * System x3630 M4, type 7158\n * System x3650 M4 BD, type 5466\n * System x3650 M4 HD, type 5460\n * System x3650 M4, type 7915\n * System x3750 M4, types 8752, 8718\n * System x3750 M4, types 8722, 8733\n * System x3850 X6, Type 3837\n * System x3950 X6, Type 3837\n * iDataPlex dx360 M4, types 7912, 7913\n * iDataPlex dx360 M4 Water Cooled, types 7918, 7919\n * NeXtScale nx360 M4, type 5455\n * Flex System x220 Compute Node, types 7906, 2585\n * Flex System x222 Compute Node, type 7916\n * Flex System x240 Compute Node, types 8737, 8738, 7863, 8956\n * Flex System x440 Compute Node, type 7917\n * Flex System x880 Compute Node, types 4259,7903\n * Flex System Manager Node, types 8731, 8734, 7955\n\n## Remediation/Fixes\n\nFirmware updates are available at IBM Fix Central: <http://www.ibm.com/support/fixcentral/>.\n\nIt is recommended to update the following affected systems to Integrated Management Module 2 v4.97 (1AOO66M) or above:\n\n * System x3100 M4, type 2582\n * System x3100 M5, type 5457\n * System x3250 M4, type 2583\n * System x3250 M5, type 5458\n * System x3300 M4, type 7382\n * System x3500 M4, type 7383\n * System x3530 M4, type 7160\n * System x3550 M4, type 7914\n * System x3630 M4, type 7158\n * System x3650 M4 BD, type 5466\n * System x3650 M4 HD, type 5460\n * System x3650 M4, type 7915\n * System x3750 M4, types 
8752, 8718\n * System x3750 M4, types 8722, 8733\n * System x3850 X6, Type 3837\n * System x3950 X6, Type 3837\n * iDataPlex dx360 M4, types 7912, 7913\n * iDataPlex dx360 M4 Water Cooled, types 7918, 7919\n * NeXtScale nx360 M4, type 5455\n\nIt is recommended to update the following affected systems to Integrated Management Module 2 v4.90 (1AOO66O) or above:\n\n * Flex System x220 Compute Node, types 7906, 2585\n * Flex System x222 Compute Node, type 7916\n * Flex System x240 Compute Node, types 8737, 8738, 7863, 8956\n * Flex System x440 Compute Node, type 7917\n * Flex System x880 Compute Node, types 4259, 7903\n * Flex System Manager Node, types 8731, 8734, 7955\n\nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nPlace the IMM2 into NIST-131A cryptomode to disable all RC4-based ciphers.\n\nFor standalone systems, the IMM2 can be put in NIST-131A mode using the CLI or the web interface:\n\n 1. IMM CLI: \nsystem> cryptomode -set NIST\n 2. IMM Web: Navigate to \"IMM Management\" -> \"Security\" -> \"Cryptography Management\", choose \"NIST SP 800-131A Compliance Mode\", and click Apply.\n\nFor Flex systems, NIST-131A mode is configured in the CMM.\n\nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Reference\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n17 April 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T01:55:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Integrated Management Module 2 (IMM2) (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T01:55:01", "id": "3CA859EBF8BCF3A4B3213DE2269D57C7107B791A6068854FB3FA0849F01DF648", "href": "https://www.ibm.com/support/pages/node/867170", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:40:47", "description": "## Summary\n\nThe RC4 \"Bar Mitzvah Attack\" for Secure Socket Layer (SSL) and Transport Layer Security (TLS) affects TPF Toolkit.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nTPF Toolkit 4.0.x and 4.2.x\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nTPF Toolkit| 4.2.x| JR53501| \n\n 1. Install the latest version of IBM Installation Manager.\n 2. Apply Interim Fix 4.2.4 by using IBM Installation Manager.\n 3. Update the Java installation on your z/OS or Linux on z Systems (or both) systems that the TPF Toolkit connects to. Download the latest version of Java from [_http://www.ibm.com/developerworks/java/jdk/_](<http://www.ibm.com/developerworks/java/jdk/>) \nTPF Toolkit| 4.0.x| JR53500| \n\n 1. Install the latest version of IBM Installation Manager.\n 2. Apply Interim Fix 4.0.7 by using IBM Installation Manager.\n 3. Update the Java installation on your z/OS or Linux on z Systems (or both) systems that the TPF Toolkit connects to. Download the latest version of Java from [_http://www.ibm.com/developerworks/java/jdk/_](<http://www.ibm.com/developerworks/java/jdk/>) \n \n## Workarounds and Mitigations\n\nFor TPF Toolkit 4.0.x and 4.2.x, you can disable the RC4 encryption algorithm for the IBM\u00ae Runtime Environment Java\u2122 Technology Edition, Version 7 that is used by TPF Toolkit and the DSTORE server on any remote systems. To disable the RC4 encryption algorithm, complete the following steps: \n\n 1. Close TPF Toolkit.\n 2. Navigate to the `%TPFHOME%\\jdk\\jre\\lib\\security` directory, and add or update the `jdk.tls.disabledAlgorithms` property in the java.security file to include the RC4 encryption algorithm: \n`jdk.tls.disabledAlgorithms=SSLv3, RC4`\n 3. 
On each remote system that hosts a DSTORE server for TPF Toolkit, navigate to the `$JAVA_HOME\\jre\\lib\\security` directory and add or update the `jdk.tls.disabledAlgorithms` property in the `java.security` file to include the RC4 encryption algorithm: \n`jdk.tls.disabledAlgorithms=SSLv3, RC4` \n**Note:** `$JAVA_HOME` is the installation directory for Java on the remote systems.\n 4. Restart TPF Toolkit.\n\n## ", "cvss3": {}, "published": "2018-08-03T04:23:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects TPF Toolkit (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-08-03T04:23:43", "id": "29687AF8C77B1B380581C7B76C863B078995151B56F0F908E108D3AB6EBE7340", "href": "https://www.ibm.com/support/pages/node/260861", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:47:17", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the Enterprise Common Collector (a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli Monitoring).\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. 
An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nEnterprise Common Collector 1.1.0 (a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli Monitoring v6.2.3 and v6.3.0)\n\n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Operating System_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|---|--- \n \nIBM Tivoli zEnterprise Monitoring Agent (Enterprise Common Collector v1.1.0 component) \n\n| \n\nv6.2.3\n\n| AIX\u00ae| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-AIX-IF0004&includeSupersedes=0>) \n \nLinux\u00ae on System z\u00ae| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxz-IF0004&includeSupersedes=0>) \n \nLinux\u00ae on Intel\u00ae 32-bit| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxx32-IF0004&includeSupersedes=0>) \n \nLinux\u00ae on Intel\u00ae 64-bit| \n\n[_Fix Central 
link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxx64-IF0004&includeSupersedes=0>) \n \n32-bit Windows\u00ae| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Windows32-IF0004&includeSupersedes=0>) \n \n64-bit Windows\u00ae| \n\n[_Fix Central link_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Windows64-IF0004&includeSupersedes=0>) \n \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-17T15:00:22", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:00:22", "id": "3CF8A7AA1CDB0A8E873463D676A516030B956E859EC831618FA54389A8BE1F0A", "href": "https://www.ibm.com/support/pages/node/261087", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:57", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the IBM WebSphere Service Registry and Repository component of IBM SOA Policy Gateway Pattern for AIX Server.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM SOA Policy Gateway Pattern for AIX Server 2.5\n\n## Remediation/Fixes\n\nUsers are already protected from this issue if they: \n\n * Have already applied WebSphere Application Server Interim Fix PI36563 to mitigate the \"FREAK: Factoring Attack on RSA-EXPORT keys\". This fix removes RC4 from the default cipher lists.\n * **AND** are not using a custom WebSphere Application Server cipher list that includes the RC4 cipher.\n\nIf WebSphere Application Server Interim Fix PI36563 has not yet been applied, users should follow the advice contained in the following linked WebSphere Application Server security bulletin: [http://www.ibm.com/support/docview.wss?uid=swg21698613](<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>).\n\nIf a custom cipher list is being used, users should verify that RC4 is not one of the listed ciphers, and remove it if it is. \n\n \nYou should verify that applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:55", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM SOA Policy Gateway Pattern (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:55", "id": "CE5A2E40695AFADA32C2CA19691CD89CA1B35A315127B0F32CF305DAACB2ED23", "href": "https://www.ibm.com/support/pages/node/261569", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-10T00:00:00", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Personal Communications.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Personal Communications versions: 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nEnable FIPS mode for the secure connection in order to automatically disable the RC4 ciphers. \n\n_Steps to enable FIPS mode:_\n\n1\\. Select \"Communication -> Configure...\" menu item. \n2\\. Click \"Link Parameters...\" button. \n3\\. Select \"Enable FIPS Mode (TLS Protocol only)\" check box from \"Security Setup\" tab. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide>) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator>)\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nNone\n\n## Change History\n\n10 April 2015: Original Version Published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.", "cvss3": {}, "published": "2019-03-05T12:59:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Personal Communications (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-03-05T12:59:26", "id": "CAFD515F067C0ADB25648289EE581F0602867E759926D5D9A4F349BAFFDF5676", "href": "https://www.ibm.com/support/pages/node/260877", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-13T09:36:48", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the IBM Virtualization Engine TS7700\n\n## 
Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAll versions of microcode for the IBM Virtualization Engine TS7700 (3957-V06, 3957-V07, 3957-VEA, 3957-VEB) prior to release R2.1 are affected. In addition, microcode versions of releases R2.1, R3.0, R3.1 and R3.2 prior to and including the following are also affected: \n\n**Release**\n\n| **Version** \n---|--- \nR3.2| 8.32.0.88 \nR3.1| 8.31.0.92 \nR3.0| 8.30.3.4 \nR2.1| 8.21.0.178 \n \n## Remediation/Fixes\n\nContact IBM Service at 1-800-IBM-SERV to arrange an upgrade to the latest microcode level followed by the installation of vtd_exec.202 as shown below: \n\n**Release**\n\n| **Fix** \n---|--- \nR3.2| 8.32.0.88 + vtd_exec.202 v1.5 or higher \nR3.1| 8.31.0.92 + vtd_exec.202 v1.5 or higher \nR3.0| 8.30.3.4 + vtd_exec.202 v1.5 or higher \nR2.1| 8.21.0.178 + vtd_exec.202 v1.5 or higher \nOlder Releases| 8.21.0.178 + vtd_exec.202 v1.5 or higher \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you upgrade to the fixes identified above, you can mitigate, but not eliminate the risk of these vulnerabilities by restricting physical and network access to the TS7700 to authorized users and IBM Service Personnel only.\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects the IBM Virtualization Engine TS7700 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-18T00:09:26", "id": "D251C18E418F3C48A2F3DB4C75C6216C77221717BBC528E99A14B09C8EC30557", "href": "https://www.ibm.com/support/pages/node/690399", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-23T21:51:57", "description": "## Summary\n\nThe RC4 Bar Mitzvah Attack for SSL/TLS affects Tivoli Application Dependency Discovery Manager, IBM Tivoli Monitoring, and IBM Systems Director which are shipped as components of IBM System Director Editions. 
Information about the security vulnerability affecting these components has been published in the security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletins listed below for the vulnerability details of the affected products.\n\n## Affected products and versions\n\nAffected Product and Version(s) | Product and Version shipped as a component | Security Bulletin \n---|---|--- \nIBM System Director Editions 6.2.0.0 | Tivoli Application Dependency Discovery Manager v7.2 | <http://www-01.ibm.com/support/docview.wss?uid=swg21882717> \nIBM System Director Editions 6.2.0.0 | IBM System Director 6.2.0.0 | \nIBM System Director Editions 6.2.1.0 | IBM Tivoli Monitoring 6.2.2 (TEPS, TDW, TCR) | <http://www-01.ibm.com/support/docview.wss?uid=swg21883223> \nIBM System Director Editions 6.2.1.0 | Tivoli Application Dependency Discovery Manager v7.2 | <http://www-01.ibm.com/support/docview.wss?uid=swg21882717> \nIBM System Director Editions 6.2.1.0 | IBM System Director 6.2.1.0 | \nIBM System Director Editions 6.3.0.0 | IBM Tivoli Monitoring 6.2.3 (TEPS, TDW, TCR) | <http://www-01.ibm.com/support/docview.wss?uid=swg21883223> \nIBM System Director Editions 6.3.0.0 | Tivoli Application Dependency Discovery Manager v7.2.1 | <http://www-01.ibm.com/support/docview.wss?uid=swg21882717> \nIBM System Director Editions 6.3.0.0 | IBM Systems Director 6.3.0.0 | \nIBM System Director Editions 6.3.2.0 | IBM Tivoli Monitoring 6.3 (TEPS, TDW, TCR) | <http://www-01.ibm.com/support/docview.wss?uid=swg21883223> \nIBM System Director Editions 6.3.2.0 | IBM Systems Director 6.3.2.0 | \n \n## References:\n\n * 
[Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n22 July 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
\n\n## ", "cvss3": {}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Systems Director Editions (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-31T02:10:01", "id": "981AEA2811A325CF121DD605BCE212CD99B839C759F94EA338AF2AF04BCB92B2", "href": "https://www.ibm.com/support/pages/node/867612", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-12T21:34:38", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Network Advisor.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to obtain sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Network Advisor Versions prior to 12.4.2.\n\n## Remediation/Fixes\n\nIBM Network Advisor 12.4.2. \n\n \n<https://www-947.ibm.com/support/entry/portal/product/system_networking/storage_area_network_%28san%29/san_management_software/ibm_network_advisor?productContext=-1976103879> \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-18T00:09:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Network Advisor (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-18T00:09:56", "id": "BB51B1CD5A42161B2D7937DBBCDFB1234DFC6114023656683DA2AFDAAC6A2542", "href": "https://www.ibm.com/support/pages/node/690671", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:56", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d attack for SSL/TLS affects IBM WebSphere Application Server that is used by server products in WebSphere Dynamic Process Edition.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. 
Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nWebSphere Dynamic Process Edition 6.1, 6.2, 7.0 \n\nIf you are using an unsupported version, IBM strongly recommends to upgrade.\n\n## Remediation/Fixes\n\nPlease consult the security bulletin [_Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21701503>) for vulnerability details and information about fixes. WebSphere Application Server is used by WebSphere Process Server, WebSphere Business Services Fabric, and WebSphere Business Monitor.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:57", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects server products in WebSphere Dynamic Process Edition (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:57", "id": "B8AC08083636CED19696E4D6DC903C037B1DDFCA059E987F58E692CAC3A74AF0", "href": 
"https://www.ibm.com/support/pages/node/261485", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T14:28:24", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Multiple N-series Products\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION**: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to obtain sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5\n\nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score\n\nCVSS Environmental Score*: Undefined\n\nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n7-Mode Data ONTAP 8.1.x and 8.2.x; \n\nClustered Data ONTAP 8.2.x;\n\nNS OnCommand Core Package: 5.2, 5.2R1, 5.2P1, 5.2P2;\n\nNS OnCommand Unified Manager for DataONTAP: 6.1R1;\n\n## Remediation/Fixes\n\n_None_\n\n## Workarounds and Mitigations\n\nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n**For 7-Mode Data ONTAP 8.2.3 and above (below 8.3)**\n\nA new option \u201coptions rc4.enable\u201d allows you to enable or disable the RC4 encryption algorithm that is used in the TLS and SSL protocols over HTTPS and FTPS connections. 
The option defaults to \u201con\u201d. To disable the RC4 cipher, type:\n\n_\u201coptions rc4.enable off\u201d._\n\n**For Clustered Data ONTAP 8.2.2 RC1 and above (below 8.3)**\n\nYou can enable the OpenSSL FIPS 140-2 compliance mode to disable RC4 ciphers by executing the following command at the admin privilege level in the clustershell:\n\n_\u201csystem services web modify -ssl-fips-enable true\u201d_\n\nThe above workarounds are supported only in Data ONTAP 8.2.3 and above for 7-Mode and Data ONTAP 8.2.2 RC1 and above for Clustered-Mode. For customers who use 7-Mode Data ONTAP 8.1.x and 8.2.x (below 8.2.3), IBM urges upgrading to 7-Mode Data ONTAP 8.2.3 and above (below 8.3) to implement the corresponding workaround. For customers who use Clustered Data ONTAP 8.1.x and 8.2.x (below 8.2.2RC1), IBM urges upgrading to Clustered Data ONTAP 8.2.2 RC1 and above (below 8.3) to implement the corresponding workaround. Contact IBM support or go to this [_link_](<http://www-933.ibm.com/support/fixcentral/options?selectionBean.selectedTab=find&selection=System+Storage%3bNetwork+Attached+Storage+%28NAS%29%3bN+series+software%3bibm%2fNetworkAttachedStorage%2fData+ONTAP>) to download a supported release.\n\nFor customers who are using NS OnCommand Core Package or NS OnCommand Unified Manager for DataONTAP, please contact IBM support.\n\n## ", "cvss3": {}, "published": "2021-12-15T18:05:07", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Multiple N-series Products (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-12-15T18:05:07", "id": "0CDFD8570C2BCFAEEA4CE83F890D6CA31BCAE04145F91E59910CA1669331D4EF", "href": "https://www.ibm.com/support/pages/node/690509", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T14:24:15", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Tivoli Storage Productivity Center.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION: **The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n \n\n\n## Affected Products and Versions\n\nIBM Spectrum Control 5.2.8 through 5.2.9 (only for upgrade) \nTivoli Storage Productivity Center 5.2.5.1 through 5.2.7 (only for upgrade) \nTivoli Storage Productivity Center 5.2.0 through 5.2.5 \nTivoli Storage Productivity Center 5.1.0 through 5.1.1.6 \nTivoli Storage Productivity Center 4.2.0 through 4.2.2.191 \nTivoli Storage Productivity Center 4.1.x \nTotalStorage Productivity Center 3.3.x \n \nThe versions listed above apply to all licensed offerings of Tivoli Storage Productivity Center, including IBM SmartCloud Virtual Storage Center Storage Analytics Engine. 
\n \nSystem Storage Productivity Center is affected if it has one of the versions listed above installed on it.\n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate Tivoli Storage Productivity Center fix maintenance for each named product as soon as practicable. See [_Latest Downloads_](<http://www.ibm.com/support/docview.wss?uid=swg21320822>) for links to the fixes. \n\nIt is always recommended to have a current backup before applying any upgrade procedure.\n\n \n \n**Affected Version**| **APAR**| **Fixed Version**| **Availability** \n---|---|---|--- \n5.2.x | IT08318| 5.2.5.1 \nSee important additional steps for APAR IT15332.| April 2015 \n5.1.x| IT08318| 5.1.1.7| April 2015 \n4.2.2.x| IT08539| 4.2.2.195 (FP9)| May 2015 \n**Note:** For Tivoli Storage Productivity Center 4.1.x or TotalStorage Productivity Center 3.3.x, IBM recommends upgrading to a fixed, supported release of the product. \n \n**Additional steps for Tivoli Storage Productivity Center 5.1.x and 5.2.x** \n \n**Important: **For Tivoli Storage Productivity Center 5.2.5.1 through 5.2.7 and IBM Spectrum Control 5.2.8 through 5.2.9 that have been upgraded from an earlier version, verify that the file RC4_ENABLE does not exist in the Data directory. If it exists, it must be deleted and the Data server restarted. This has been resolved with the fix for APAR IT15332 in IBM Spectrum Control 5.2.10. \n \nExample: \nIBM\\TPC\\Data\\RC4_ENABLE \n--- \n \nThe following steps will complete the configuration of WebSphere Application server to remove the RC4 cipher from the default enabledCiphers. \n \nFrom a command window: \n\n 1. cd \"C:\\Program Files\\IBM\\TPC\\ewas\\profiles\\WebServerProfile\\bin\"\n 2. 
wsadmin.bat -connType NONE -c \"$AdminTask modifySSLConfig {-alias NodeDefaultSSLSettings -scopeName (cell):WebServerCell:(node):WebServerNode -securityLevel HIGH -enabledCiphers {SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA}}\"\n \nExpected output: \n\"WASX7357I: By request, this scripting client is not connected to any server process. Certain configuration and application operations will be available in local mode.\" \n \nIf the output instead indicates an error, check for typos. If the command completed successfully: \n\n\n 1. Stop the TPCWebServer \n<TPC install dir>/scripts/stopTPCWeb.bat \nor \nWindows Services panel \"IBM WebSphere Application Server v8.0 - TPCWebServer\"\n 2. Restart the TPCWebServer \n<TPC install dir>/scripts/startTPCWeb.bat \nor \nWindows Services panel \"IBM WebSphere Application Server v8.0 - TPCWebServer\"\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-02-22T19:27:34", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli Storage Productivity Center (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-02-22T19:27:34", "id": "381ED3699651F44D736C9F0F7D611B0779505D220D566224222133A89182FBAF", "href": "https://www.ibm.com/support/pages/node/262141", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-02T18:15:48", "description": "## Abstract\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for 
SSL/TLS affects Operations Analytics Predictive Insights which is consuming WebSphere Application Server 8.5.5.1\n\n## Content\n\n**Vulnerability Details**\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**Affected Products and Versions**\n\nOperations Analytics Predictive Insights 1.3.1 and earlier\n\n**Remediation/Fixes**\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_Operations Analytics Predictive Insights_| _1.3.1 and earlier_| _None_| See workaround \n \n_For 1.3.1 and earlier IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n \n**Workarounds and Mitigations** \n \n \nInstallation Instructions \n\\------------------------------------ \nAs the user that installed the Predictive Insights UI component, typically scadmin \n1\\. Stop the UI server used by Operations Analytics Predictive Insights \n<UI_HOME>/bin/pi.sh -stop \nwhere <UI_HOME> is typically /opt/IBM/scanalytics/UI \n2\\. cd <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/ \n3\\. Create a copy of java.security file \ncp java.security java.security_orig \n4\\. Edit <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/java.security file. 
\nAdd RC4 to jdk.tls.disabledAlgorithms variable. \nFor example \nvi <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/java.security and change this line: \njdk.tls.disabledAlgorithms=SSLv3 \nto \njdk.tls.disabledAlgorithms=SSLv3,RC4 \n5\\. cd <UI_HOME>/wlp/usr/servers/piserver/ \n6\\. Create a copy of jvm.options file \ncp jvm.options jvm.options_orig \n7\\. Edit <UI_HOME>/wlp/usr/servers/piserver/jvm.options file. \nAdd this line: \n-Djsse.enableCBCProtection=true \n8\\. start UI server \n<UI_HOME>/bin/pi.sh -start \n \n \n \nRemoval Instructions \n\\------------------------------------ \nAs the user that installed the Predictive Insights UI component, typically scadmin \n1\\. Stop the UI server used by Operations Analytics Predictive Insights \n<UI_HOME>/bin/pi.sh -stop \nwhere <UI_HOME> is typically /opt/IBM/scanalytics/UI \n2\\. cd <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/ \n3\\. Replace java.security file with the original \nmv java.security_orig java.security \n4\\. cd <UI_HOME>/wlp/usr/servers/piserver/ \n5\\. Replace jvm.options file with the original \nmv jvm.options_orig jvm.options \n6\\. start UI server \n<UI_HOME>/bin/pi.sh -start \n \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.
", "cvss3": {}, "published": "2022-09-25T21:21:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Operations Analytics Predictive Insights (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2022-09-25T21:21:12", "id": "A9D664B8F8F70501F9E08DDB9E7EFC7FB73C0E0ECB305043842B889103AE9C45", "href": "https://www.ibm.com/support/pages/node/261939", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T21:44:49", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects the IBM FlashSystem 900.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. 
Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM FlashSystem 900 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE2 and 9843-AE2.\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_ | _APAR_ | _Remediation/First Fix_ \n---|---|---|--- \nFlashSystem 900 MTMs: \n \n9840-AE2 & \n9843-AE2 | A code fix is now available. The VRMF of this code level is 1.2.1.8 (or later). | None | This vulnerability has been remediated in firmware version 1.2.1.8 \n \n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables any use of the RC4 stream cipher when interfacing to the IBM FlashSystem 900 -- and does not allow it to be re-enabled. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n_For firmware versions released earlier than 1.2.1.8, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2019-01-03T20:55:01", "type": "ibm", "title": "Security Bulletin: A vulnerability in RC4 stream cipher affects IBM FlashSystem 900 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-01-03T20:55:01", "id": "EE13AC8357DD960F4675FB52EA635CB1F98308493448718725A86592C6B9B86C", "href": "https://www.ibm.com/support/pages/node/690519", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:37:54", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects InfoSphere BigInsights. 
\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nCustomers who have Secure Sockets Layer (SSL) support enabled for any of the BigInsights components. \n \nIBM InfoSphere BigInsights 2.0, 2.1, 2.1.2, 3.0, 3.0.0.1, 3.0.0.2, 4.0 \n\n## Remediation/Fixes\n\nFor versions 2.1.2, 2.1, and 2.0: Apply the Interim fix which will remove RC4 cipher suites from the default list of enabled cipher suites. After downloading the BigInsights IBM Java version 1.6 Service Refresh 16 Fix Pack 3 from [fixcentral](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FInformation%2BManagement&product=ibm/Information+Management/InfoSphere+BigInsights&release=2.1.2.0&platform=All&function=all>) perform the following steps to replace the default JDK as BigInsights Administrator: \n \nSteps below assume that the new JDK is_ ibm-java-sdk-6.0-16.3-linux-x86_64.tgz_, and the current JDK is _ibm-java-sdk-6.0-12.0-linux-x86_64.tgz_. Replace the file names with the version of the new JDK for your platform and with the current version installed on your system. \n\n\n 1. Stop InfoSphere BigInsights: $BIGINSIGHTS_HOME/bin/stop-all.sh\n 2. 
Upload the new IBM JDK to console node in the $BIGINSIGHTS_HOME directory\n 3. Run the following commands on the BigInsights console node:\n * cd $BIGINSIGHTS_HOME\n * mv jdk/ jdk_orig\n * sudo chmod 777 ibm-java-sdk-6.0-16.3-linux-x86_64.tgz\n * sudo chown biadmin:biadmin ibm-java-sdk-6.0-16.3-linux-x86_64.tgz\n * tar zxvf ibm-java-sdk-6.0-16.3-linux-x86_64.tgz\n * mv ibm-java-x86_64-60 jdk\n * mv $BIGINSIGHTS_HOME/hdm/jdk $BIGINSIGHTS_HOME/hdm/jdk_orig\n * cp -r $BIGINSIGHTS_HOME/jdk $BIGINSIGHTS_HOME/hdm/ \n 4. Run the following commands from the console node against all other nodes in the cluster (node is the name of the non-console node):\n * ssh node \"mv $BIGINSIGHTS_HOME/jdk $BIGINSIGHTS_HOME/jdk_orig\"\n * scp -r $BIGINSIGHTS_HOME/jdk node:$BIGINSIGHTS_HOME/\n 5. Run the following commands on the console node:\n * cd $BIGINSIGHTS_HOME/hdm/artifacts\n * mv ibm-java-sdk-6.0-12.0-linux-x86_64.tgz ibm-java-sdk-6.0-12.0-linux-x86_64.tgz_orig\n * cp $BIGINSIGHTS_HOME/ibm-java-sdk-6.0-16.3-linux-x86_64.tgz ibm-java-sdk-6.0-12.0-linux-x86_64.tgz\n * cd $BIGINSIGHTS_HOME/hdm/todeploy\n * mv jdk.tar.gz jdk.tar.gz_orig\n * mv jdk.tar.gz.cksum jdk.tar.gz.cksum_orig\n * syncconf.sh \n * cp jdk.tar.gz.cksum $BIGINSIGHTS_HOME/jdk/.deploy.cksum\n * For each node (where node is the name of the non-console node):\n * scp $BIGINSIGHTS_HOME/jdk/.deploy.cksum node:$BIGINSIGHTS_HOME/jdk/.deploy.cksum\n 6. Sync configuration, and restart BigInsights: \n$BIGINSIGHTS_HOME/bin/syncconf.sh \n$BIGINSIGHTS_HOME/bin/start-all.sh \n$BIGINSIGHTS_HOME/bin/healthcheck.sh \n\nFor other versions affected by this vulnerability, follow the instructions in the mitigation section. \n\n## Workarounds and Mitigations\n\nThis vulnerability can be mitigated by disabling RC4 in the IBM Java security file, and enabling FIPS mode in the LDAP security plug-in configuration file for Big SQL. 
\n \n**For versions 3.0, 3.0.0.1, 3.0.0.2** \n \nFollow the mitigation instructions below as BigInsights Administrator to disable RC4 in IBM Java: \n\n\n 1. Stop InfoSphere BigInsights: $BIGINSIGHTS_HOME/bin/stop-all.sh \n 2. On the console node, update the java.security file to turn off RC4\n * Locate the java.security file on the console node under $BIGINSIGHTS_HOME/hdm/jdk/jre/lib/security/java.security \n * Edit the java.security file and turn off RC4 by adding: jdk.tls.disabledAlgorithms=SSLv3,RC4 \n 3. Recreate jdk.tar.gz to include the new version of the java.security file on the console node\n * cd $BIGINSIGHTS_HOME/hdm/todeploy\n * mv jdk.tar.gz jdk.tar.gz.orig\n * mv jdk.tar.gz.cksum jdk.tar.gz.cksum.orig\n * syncconf.sh \n * cp $BIGINSIGHTS_HOME/hdm/todeploy/jdk.tar.gz.cksum $BIGINSIGHTS_HOME/jdk/.deploy.cksum \n 4. Run the following commands from the console node against all other nodes in the cluster (node is the name of the non-console node):\n * ssh node mv $BIGINSIGHTS_HOME/jdk/.deploy.cksum $BIGINSIGHTS_HOME/jdk/.deploy.cksum.orig\n * scp $BIGINSIGHTS_HOME/jdk/.deploy.cksum node:$BIGINSIGHTS_HOME/jdk/.deploy.cksum \n 5. On each node:\n * Locate the java.security file used by BigInsights: $BIGINSIGHTS_HOME/jdk/jre/lib/security/java.security\n * Edit the java.security file and turn off RC4 by adding: jdk.tls.disabledAlgorithms=SSLv3,RC4 \n 6. Restart BigInsights: $BIGINSIGHTS_HOME/bin/start-all.sh\n \n \n**For versions 3.0, 3.0.0.1, 3.0.0.2, and 4.0** \n \nCustomers who have Secure Sockets Layer (SSL) support enabled in their client configuration using the LDAP security plug-in to communicate with the LDAP server for Big SQL should follow the instructions below to mitigate the problem. SSL support is not enabled in the LDAP security plug-in by default. \n \nMitigation instructions: \n\nCustomers should enable FIPS mode in the LDAP security plug-in as follows: \n\n 1. 
As the Big SQL instance owner, open the LDAP security plug-in configuration file. The default name and location for the IBM LDAP security plug-in configuration file is:\n * BIGSQL_HOME/sqllib/cfg/IBMLDAPSecurity.ini \n * Optionally, it can reside in the location defined by the DB2LDAPSecurityConfig environment variable \n 2. Search for the FIPS_MODE configuration parameter in the file and change its value to true. Save and close the file. \n\n; FIPS_MODE \n; To set SSL encryption FIPS mode on or off. \n; Optional; Valid values are true (on) and false (off). Defaults to \n; false (FIPS mode off). \nFIPS_MODE = true \n\n## ", "cvss3": {}, "published": "2021-04-08T20:59:42", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects InfoSphere BigInsights (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-04-08T20:59:42", "id": "A000D9D739BF19E450376504F59B738631A89DC3231F08AD20A9C9A368A1B2C4", "href": "https://www.ibm.com/support/pages/node/262717", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:38:03", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Developer for System z.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. 
An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**| **Affected Supporting Product and Version** \n---|--- \nRational Developer for System z, versions 8.5.x, 9.0.x, 9.1.x| IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 FP3 (IV70681) and earlier; IBM SDK, Java Technology Edition, Version 7 Service Refresh 8 and earlier \n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. \n \nFollow the installation instructions in the README files included with the patch. 
\n \nThe fix can be obtained at the following locations: \n\n\n * [Rational Developer for System z Interim Fix 4 for 8.5.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040043>)\n * [Rational Developer for System z Interim Fix 4 for 9.0.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040042>)\n * [Rational Developer for System z Interim Fix 4 for 9.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040041>)\n\nYou should verify that applying this fix does not cause any compatibility issues. The fix disables the RC4 stream cipher by default. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n\n## ", "cvss3": {}, "published": "2020-10-27T15:51:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Developer for System z (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2020-10-27T15:51:50", "id": "7F939618289427F415F5FAE1B3FB138CE4BB917F17F3C723209877C015BEDE54", "href": "https://www.ibm.com/support/pages/node/262689", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-12T21:33:53", "description": "## Summary\n\nThere is a vulnerability in IBM\u00ae Runtime Environment Java\u2122 Technology Edition, 
Version 6 that is used by IBM SONAS. This issue was disclosed as part of the IBM Java SDK updates in April 2015.\n\n## Vulnerability Details\n\n \n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SONAS \nThe product is affected when running code releases 1.5.0.0 to 1.5.2.1\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of IBM SONAS to the following code level or higher: \n \n1.5.2.2 \n \nPlease contact IBM support for assistance in upgrading your system.\n\n## Workarounds and Mitigations\n\nWorkaround(s): None \n \nMitigation(s): Although IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.\n\n## ", "cvss3": {}, "published": "2018-06-22T05:47:45", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Java SDK affect IBM SONAS (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": 
"LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-22T05:47:45", "id": "BC4EAF61DE018F3DB7A7F596B8F8073F339BFA9444A0A1C43D76571F6F0EDA47", "href": "https://www.ibm.com/support/pages/node/706961", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:58", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects WebSphere Service Registry and Repository.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \n \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nWebSphere Service Registry and Repository versions 7.0, 7.5, 8.0, and 8.5.\n\n## Remediation/Fixes\n\nUsers are already protected from this issue if they: \n\n * Have already applied WebSphere Application Server Interim Fix PI36563 to mitigate against the \"FREAK: Factoring Attack on RSA-EXPORT keys\". 
This fix removes RC4 from the default cipher lists.\n * **AND** are not using a custom WebSphere Application Server cipher list that includes the RC4 cipher\n \n\n\nIf WebSphere Application Server Interim Fix PI36563 has not yet been applied, users should follow the advice contained in the following linked WebSphere Application Server security bulletin: [](<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>)<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>.\n\nIf a custom cipher list is being used, users should verify that RC4 is not one of the listed ciphers, and remove it if it is. \n\n \nYou should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n\n\n**Important note: **IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes will be posted to this portal. 
IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:55", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Service Registry and Repository (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:55", "id": "A1C5908805ACC66A08E8B3945FAB1356AAD38F16B35C2E541F9EE57AB84FBD3F", "href": "https://www.ibm.com/support/pages/node/261185", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T05:46:22", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Tivoli Netcool/OMNIbus\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to obtain sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nTivoli Netcool/OMNIbus 7.3.0 \nTivoli Netcool/OMNIbus 7.3.1 \nTivoli Netcool/OMNIbus 7.4.0 \nTivoli Netcool/OMNIbus 8.1.0\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nOMNIbus | 7.3.0.16| IIV73107, IV73123, IV74026| [](<http://www-01.ibm.com/support/docview.wss?uid=swg24039351>)<http://www-01.ibm.com/support/docview.wss?uid=swg24039351> \nOMNIbus| 7.3.1.13| IV73107, IV73123, IV74026| <http://www-01.ibm.com/support/docview.wss?uid=swg24039350> \nOMNIbus| 7.4.0.7| IV73107, IV73123, IV74026| <http://www-01.ibm.com/support/docview.wss?uid=swg24039348> \nOMNIbus | 8.1.0.4| IV73107, IV73123, IV74026| <http://www-01.ibm.com/support/docview.wss?uid=swg24039347> \n \n## Workarounds and Mitigations\n\nConfigure the OMNIbus server components to use FIPS mode as that will disable RC4 by default. 
FIPS mode configuration is described here: <http://www-01.ibm.com/support/knowledgecenter/SSSHTQ_8.1.0/com.ibm.netcool_OMNIbus.doc_8.1.0/omnibus/wip/install/concept/omn_con_fips_configuringsupport.html?lang=en>\n\n## ", "cvss3": {}, "published": "2018-06-17T15:03:37", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Tivoli Netcool/OMNIbus (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T15:03:37", "id": "C88ADBEA4F8A61ADBDF1DA25D72729E9902E90CA69E6C31DB456881DF5A6C601", "href": "https://www.ibm.com/support/pages/node/529537", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:12", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects various Optim data server tools desktop products.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Data Studio client 4.1.1 and earlier \n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for LUW 4.1.1 and earlier\n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS 4.1.1 and earlier\n\nInfoSphere Data Architect 9.1.2 and earlier\n\n## Remediation/Fixes\n\nIBM recommends that you fix this vulnerability by upgrading affected versions of the Optim data server tools to the following code level or higher: \n \nIBM Data Studio client 4.1.1 APAR 4 \n[download 4.1.1 APAR 4](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/IBM+Data+Studio&release=4.1.1&platform=All&function=all>) \n \nIBM InfoSphere Optim Query Workload Tuner for DB2 for LUW 4.1.1 APAR 4 \n[download 4.1.1 APAR 4](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Optim+Query+Workload+Tuner+for+DB2+for+Linux+UNIX+and+Windows&release=4.1.1&platform=All&function=all>) \n \nIBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS 4.1.1 APAR 4 \n[download 4.1.1 APAR 4](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Optim+Query+Workload+Tuner+for+DB2+z/OS&release=4.1.1&platform=All&function=all>) \n \nIBM also recommends updating to the latest version of the IBM SDK, Java\u2122 Technology Edition that is installed with the client and that contains the latest security patches. 
\n \n\n\n**Product**| **Version**| **IBM SDK** \n---|---|--- \nIBM Data Studio client \n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for LUW\n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS\n\n| 3.1.0, 3.1.1| Java 6 [Windows 32-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=311-DS-32-JDK-Windows-6SR16FP3&source=SAR>) \n \nJava 6 [Windows 64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=311-DS-64-JDK-Windows-6SR16FP3&source=SAR>) \n \nJava 6 [Linux 32-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=310-DS-32-JDK-Linux-6SR16FP3&source=SAR>) \n \nJava 6 [Linux 64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=310-DS-64-JDK-Linux-6SR16FP3&source=SAR>) \nIBM Data Studio client \n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for LUW\n\nIBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS\n\n| 3.2, 4.1.0, 4.1.0.1, 4.1.1| Java 7 [Windows 64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=411-DS-64-JDK-Windows-71SR2FP10&source=SAR>) \nInfoSphere Data Architect| 7.6, 8.1| Java 6 [Windows 32-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=311-DS-32-JDK-Windows-6SR16FP3&source=SAR>) \n \nJava 6 [Windows 64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=311-DS-64-JDK-Windows-6SR16FP3&source=SAR>) \n \nJava 6 [Linux 32-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=310-DS-32-JDK-Linux-6SR16FP3&source=SAR>) \n \nJava 6 [Linux 
64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=310-DS-64-JDK-Linux-6SR16FP3&source=SAR>) \nInfoSphere Data Architect| 8.5, 9.1, 9.1.1, 9.1.2| Java 7 [Windows 64-bit](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FIBM+Data+Studio&fixids=411-DS-64-JDK-Windows-71SR2FP10&source=SAR>) \n \n \nDetailed instructions for updating the IBM SDK, Java\u2122 Technology Edition are provided in the tech-note \u201c[Updating the IBM SDK, Java Technology Edition for Optim Data Server Tools Desktop Products](<http://www-01.ibm.com/support/docview.wss?uid=swg21691806>)\u201d. \n\n## Workarounds and Mitigations\n\nThe following mitigation applies to: \n \n\n\n**Product**| **Version** \n---|--- \nIBM Data Studio client| 3.2, 4.1.0, 4.1.0.1, 4.1.1 \nIBM InfoSphere Optim Query Workload Tuner for DB2 for LUW| 3.2, 4.1.0, 4.1.0.1, 4.1.1 \nIBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS| 3.2, 4.1.0, 4.1.0.1, 4.1.1 \nInfoSphere Data Architect| 8.5, 9.1, 9.1.1, 9.1.2 \n \nTo disable the RC4 stream cipher in the JVM environment of the product, modify the** java.security** file. \n \nThe java.security file is located in the security folder relative to the product install directory (for example: C:\\Program Files\\IBM\\DS4.1.1\\jdk\\jre\\lib\\security\\java.security). \n \nOpen the file and add the following property at the end of the file: \n \n**jdk.tls.disabledAlgorithms=RC4** \n \nIf there is an existing entry already, append to it using a comma to separate each algorithm. For example: \n \n**jdk.tls.disabledAlgorithms=****SSLv3,RC4** \n \n_Note_: editing the java.security file may require administrator privileges. \n \nRestart the product to pick up the security configuration updates. \n \nYou should verify applying this configuration change does not cause any compatibility issues. 
Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. \n \nFor earlier versions, IBM recommends upgrading to the latest supported version of the product. \n\n## ", "cvss3": {}, "published": "2018-06-16T13:10:36", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects various Optim data server tools desktop products (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-16T13:10:36", "id": "D54ACDD44659432ACAC652FC15700D423BFBDEA9A5F9BF09E9EF57AAD0B72583", "href": "https://www.ibm.com/support/pages/node/261259", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T21:42:54", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to obtain sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nReleases 6.1, 7.1 and 7.2 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying PTFs to IBM i and following the remediation plan below. NOTE: Please read this entire section for the list of PTF numbers for IBM i: \n \nPlease review this document for IBM i remediation steps: [_http://www.ibm.com/support/docview.wss?uid=nas8N1020681_](<http://www.ibm.com/support/docview.wss?uid=nas8N1020681>) \n \nReleases 6.1, 7.1 and 7.2 of IBM i are supported and will be fixed. \n \nThe IBM i PTF numbers are: \n \n**_IBM i OS and options:_** \n \n**Release 6.1 \u2013** SI56418 \n**Release 7.1 \u2013** SI56419 \n**Release 7.2 \u2013** SI56643 \n \n**_IBM i Java:_** \n \nJava for IBM i: 5761-JV1 & 5770-JV1 \n \nFor details on Java for IBM i, see the Java for IBM i page on developerWorks: \n[_http://www.ibm.com/developerworks/ibmi/techupdates/java_](<http://www.ibm.com/developerworks/ibmi/techupdates/java>) \n \nThe IBM i Group PTF numbers for Java are: \n**Release 6.1 \u2013 SF99562 level 32** \n**Release 7.1 \u2013 SF99572 level 21** \n**Release 7.2 \u2013 SF99716 level 6** \n \n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to a supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nN/A\n\n## ", "cvss3": {}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: RC4 Bar Mitzvah Attack for SSL/TLS (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": 
false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2019-12-18T14:26:38", "id": "9FBC8617200CF2B7AF16E266B4914ADB80990BED0550F197A87E06B5ED476D36", "href": "https://www.ibm.com/support/pages/node/666237", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-07T14:20:35", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM InfoSphere Optim Performance Manager.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-2808](<https://vulners.com/cve/CVE-2015-2808>)\n\n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack\".\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 4.1 through 4.1.1 \n \nIBM InfoSphere Optim Performance Manager for DB2 on Linux, UNIX, and Windows version 5.1 through 5.3.1 \n\n\n## Remediation/Fixes\n\n \n\n\n**_OPM Version_**| **_Download URL_** \n---|--- \n4.1 - 5.1.1.1| [Replace JRE](<http://www.ibm.com/support/docview.wss?uid=swg21640535>) (V6 SR16-Fix Pack 4) \n5.2 \u2013 5.3| [Replace JRE](<http://www.ibm.com/support/docview.wss?uid=swg21640535>) (V7 SR9) \n5.3.1| [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Optim+Performance+Manager&release=5.3.1.0&platform=All&function=all>) (Interim Fix 8409) or see Workarounds and Mitigations \nFor OPM versions 4.1 through 5.3, you must replace the IBM Runtime Environment, Java\u2122 Technology Edition (JRE) that is installed with OPM, with the latest IBM Runtime Environment, Java\u2122 Technology Edition. Detailed instructions are available here:[__\u201cUpdating the __](<http://www.ibm.com/support/docview.wss?uid=swg21640535>)[__IBM Runtime Environment, Java\u2122 Technology Edition__](<http://www.ibm.com/support/docview.wss?uid=swg21640535>)[__ for InfoSphere Optim Performance Manager__](<http://www.ibm.com/support/docview.wss?uid=swg21640535>)_\u201d_. \n\nFor OPM version 5.3.1, installing the OPM Interim Fix changes the Java Security configuration of the web console server to disallow RC4 cipher suites for HTTPS connections (using the SSL/TLS protocol). 
If you are not able to install the OPM Interim Fix, follow the Workarounds and Mitigation section below. \n\n## Workarounds and Mitigations\n\nFor OPM 5.3.1 disable the RC4 cipher suite by adding \"RC4\" to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in java.security file. \n\nEdit the java.security file that is located in the InfoSphere Optim Performance Manager installation directory:\n\n \n \n` `` /``jre/lib/security``/``java.security` \n \nAdd the following line and save the file: \n \n` `` jdk.tls.disabledAlgorithms=RC4` \n \nIf the jdk.tls.disabledAlgorithms property was already enabled (without a \"#\" character at the beginning of the line), i.e.: \n \n` jdk.tls.disabledAlgorithms=SSLv3` \n \nthen append the text _\", RC4\"_ to the end of the line and save the file. \n \n` jdk.tls.disabledAlgorithms=SSLv3``**, RC4**` \n \nRestart the OPM Web Console server for this change to take effect. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {}, "published": "2021-07-08T21:30:52", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Optim Performance Manager (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2021-07-08T21:30:52", "id": "F02D72DEE5DE583089D60AF63C6CC0F95B683C27779E590310FE393171FB9761", "href": "https://www.ibm.com/support/pages/node/261267", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:54:55", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects WebSphere DataPower XC10 Appliance Version 2.1. WebSphere DataPower XC10 Appliance Version 2.5 is not affected.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. 
This vulnerability is commonly referred to as \"Bar Mitzvah Attack.\" \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nWebSphere DataPower XC10 Appliance V2.1\n\n## Remediation/Fixes\n\nThe only remediation is to apply the following fixes: \n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nWebSphere DataPower XC10 Appliance| 2.1| IT08240| [http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+DataPower+XC10+Appliance&release=2.1.0.3&platform=All&function=all](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+DataPower+XC10+Appliance&release=2.1.0.3&platform=All&function=all>) \n \nVerify that applying this fix does not cause any compatibility issues. The fix disables the RC4 stream cipher by default. If you change this setting you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nFor WebSphere DataPower XC10 Appliance Version 2.1, you will need to apply the appropriate fix. 
This will disable the RC4 algorithm used on the appliance.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:02:58", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere DataPower XC10 Appliance V2.1 (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T07:02:58", "id": "B0322560C1846B605A089B18FF01990EB98EE066C468D4AE47B259A4253CCE00", "href": "https://www.ibm.com/support/pages/node/262765", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:49:06", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects Rational Service Tester.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>)** \nDESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". 
\nCVSS Base Score: 5.0 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101851> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational Service Tester versions 8.2.*, 8.3.*, 8.5.*, 8.6.* and 8.7.\n\n## Remediation/Fixes\n\nDownload Java from one of the links below. Edit java.security and disable RC4 by adding it to the list of disabled algorithms. For example, \n \njdk.tls.disabledAlgorithms=SSLv3, RC4 \n \nFor a default installation the file java.security can be found as indicated below. \nWindows: C:\\Program Files\\IBM\\SDP\\jdk\\jre\\lib\\security. \nLinux: /opt/IBM/SDP/jdk/jre/lib/security. \n \n\n\n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nRST| 8.7| None| Download [Java 7 SR8 FP10 +IV70681](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Performance+Tester&release=8.0.0.0&platform=All&function=fixId&fixids=Rational-RPT-JavaPatch-Java7SR8FP10&includeSupersedes=0&source=fc>) \nRST| 8.6 - 8.6.x| None| Download[ Java 7 SR8 FP10 +IV70681 ](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Performance+Tester&release=8.0.0.0&platform=All&function=fixId&fixids=Rational-RPT-JavaPatch-Java7SR8FP10&includeSupersedes=0&source=fc>) \nRST| 8.5 - 8.5.x| None| Download[ Java 7 SR8 FP10 +IV70681](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Performance+Tester&release=8.0.0.0&platform=All&function=fixId&fixids=Rational-RPT-JavaPatch-Java7SR8FP10&includeSupersedes=0&source=fc>) \nRST| 8.3 - 8.3.x| None| Download [Java 7 SR8 FP10 
+IV70681](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Performance+Tester&release=8.0.0.0&platform=All&function=fixId&fixids=Rational-RPT-JavaPatch-Java7SR8FP10&includeSupersedes=0&source=fc>) \nRST| 8.2 - 8.2.1.x| None| Download [Java 7 SR8 FP10 +IV70681 ](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Performance+Tester&release=8.0.0.0&platform=All&function=fixId&fixids=Rational-RPT-JavaPatch-Java7SR8FP10&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-06-17T05:01:49", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects Rational Service Tester (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-17T05:01:49", "id": "D30F02319749539738BDC24DA7238A5443EBA8AA8D4D5B3F5A3B14A493E63BE1", "href": "https://www.ibm.com/support/pages/node/261915", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-21T01:52:49", "description": "## Summary\n\nThe RC4 \u201cBar Mitzvah\u201d Attack for SSL/TLS affects IBM Cognos Insight\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-2808_](<https://vulners.com/cve/CVE-2015-2808>) \n**DESCRIPTION:** The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. 
An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as \"Bar Mitzvah Attack\". \nCVSS Base Score: 5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101851_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101851>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n \nCognos Insight 10.2 \nCognos Insight 10.2.1 \nCognos Insight 10.2.2 \n\n## Remediation/Fixes\n\n[](<http://www-01.ibm.com/support/docview.wss?uid=swg24040712>) \n[Cognos Insight Standard Edition 10.2 Fix Pack 1 Interim Fix 4](<http://www-01.ibm.com/support/docview.wss?uid=swg24040712>) \n \n[Cognos Insight Standard Edition 10.2.1 Fix Pack 2 Interim Fix 4](<http://www-01.ibm.com/support/docview.wss?uid=swg24040711>) \n \n[Cognos Insight Standard Edition 10.2.2 Fix Pack 4](<http://www-01.ibm.com/support/docview.wss?uid=swg24040540>) \n\n\n## Workarounds and Mitigations\n\nTo mitigate the vulnerability in the xulrunner embedded browser: \n \n1.1) Locate Cognos Insight installation directory. \n1.2) For all directories matching <installation_directory>\\plugins\\com.ibm.cognos.isv.xulrunner.win32.* \n1.3) Open file <installation_directory>\\plugins\\com.ibm.cognos.isv.xulrunner.win32.*\\xulrunner\\greprefs.js with a text editor \n1.4) For each RC4 cipher which is set to 'true' change the value to 'false' \n \ne.g. \n \nline: \n \npref(\"security.ssl3.rsa_rc4_128_md5\", true); \n \nbecomes: \n \npref(\"security.ssl3.rsa_rc4_128_md5\", false); \n \n \n \nTo fully mitigate the risk to this vulnerability, IBM recommended that Cognos Insight customers pick up the latest Cognos TM1 fixes. These fixes disable RC4 ciphers on TM1 Server . 
\n \n[IBM Cognos TM1 9.5.2 Fix Pack 3 Interim Fix 7](<http://www-01.ibm.com/support/docview.wss?uid=swg24039812>) \n \n[IBM Cognos TM1 10.1.1.2 Interim Fix 4](<http://www-01.ibm.com/support/docview.wss?uid=swg24039813>) \n \n[IBM Cognos TM1 10.2.0.2 Interim Fix 4](<http://www-01.ibm.com/support/docview.wss?uid=swg24039814>) \n \n[IBM Cognos TM1 10.2.2 FP3](<http://www.ibm.com/support/docview.wss?uid=swg24039764>) \n \n \n \nIBM also highly recommends that if Cognos Insight connects to any TM1 Planning Service, the following steps should be performed: \n \n \n2.1) Start Cognos Configuration \n \n2.2) Navigate to Security/Cryptography/Cognos \n \n2.3) Open the supported cipher suites selection dialog \n \n2.4) Select all cipher suites that have RC4 in the name and remove them from the Current Values List. Select OK to save the new list. \n \n2.5) Save and restart your service using Cognos Configuration. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the RC4 stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions. 
\n \n \n \n \n\n\n## ", "cvss3": {}, "published": "2018-06-15T22:36:59", "type": "ibm", "title": "Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Cognos Insight (CVE-2015-2808)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2808"], "modified": "2018-06-15T22:36:59", "id": "B529694E1646D2AAED4AD4A6CE4C587933AE79F44C68C59FC8FED83B02451AEB", "href": "https://www.ibm.com/support/pages/node/264033", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "checkpoint_advisories": [{"lastseen": "2022-11-28T07:09:46", "description": "An information disclosure vulnerability has been reported in SSL 3.0 and TLS 1.0 encryption protocols.", "cvss3": {}, "published": "2012-01-10T00:00:00", "type": "checkpoint_advisories", "title": "Preemptive Protection against SSL and TLS Protocols Information Disclosure (MS12-006; CVE-2011-3389)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-020", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-12-17T12:30:01", "description": "The vulnerability is due to the server's inability to handle multiple incoming SSL requests within a short period of time. Remote attackers may exploit this issue by rapidly sending a large number of SSL requests to the server. The attack may be initiated from one or more sources (DDoS). Successful exploitation may cause the server to crash, resulting in a denial of service condition. 
There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS.", "cvss3": {}, "published": "2011-11-06T00:00:00", "type": "checkpoint_advisories", "title": "Web Servers SSL Flooding Denial of Service (CVE-2011-3389)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2018-09-27T00:00:00", "id": "CPAI-2011-505", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-18T14:23:06", "description": "This plugin has been deprecated and is no longer functional. It was originally written to check Microsoft's workaround for CVE-2011-3389, but was replaced by plugin 57474 which checks for the patch that fixes this CVE.", "cvss3": {}, "published": "2011-09-29T00:00:00", "type": "nessus", "title": "Deprecated", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2013-05-13T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_KB2588513.NASL", "href": "https://www.tenable.com/plugins/nessus/56333", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2012/02/08. 
Deprecated by smb_nt_ms12-006.nasl.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56333);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n\n script_name(english:\"Deprecated\");\n script_summary(english:\"Checks if RC4 has been prioritized.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"This plugin has been deprecated and is no longer functional. It\nwas originally written to check Microsoft's workaround for\nCVE-2011-3389, but was replaced by plugin 57474 which checks for\nthe patch that fixes this CVE.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://technet.microsoft.com/en-us/security/advisory/2588513\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n\n 
exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Use smb_nt_ms12-006.nasl (plugin ID 57474) instead\");\n\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit('SMB/WindowsVersion');\n\nif (winver != '6.0') exit(1, 'The workaround only applies to Windows Vista and 2008.');\n\nname = kb_smb_name();\nport = kb_smb_transport();\nif (!get_port_state(port)) exit(1, 'Port '+port+' is not open.');\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1, 'Can\\'t open socket on port '+port+'.');\nsession_init(socket:soc, hostname:name);\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:'IPC$');\nif (rc != 1)\n{\n NetUseDel();\n exit(1, 'Can\\'t connect to IPC$ share.');\n}\n\n# Connect to the remote registry\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n\n NetUseDel();\n exit(1, 'Can\\'t connect to remote registry.');\n}\n\nvuln = FALSE;\nsuites = make_list();\nkey = 'SOFTWARE\\\\Policies\\\\Microsoft\\\\Cryptography\\\\Configuration\\\\SSL\\\\00010002';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:'Functions');\n if (isnull(item)) vuln = TRUE;\n else suites = split(item[1], sep:',', keep:FALSE);\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nNetUseDel();\n\nif ((max_index(suites) < 1) && !vuln) exit(1, 'Couldn\\'t get the SSL Cipher Suite Order from the remote host.');\n\nif (\n !vuln &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_SHA' &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_MD5' &&\n suites[0] != 'SSL_CK_RC4_128_WITH_MD5'\n) vuln = TRUE;\n \n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\\n The \\'RC4\\' algorithm hasn\\'t been prioritized on the remote host.\\n';\n security_warning(port:port, 
extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse exit(0, 'The host is not affected.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:32:45", "description": "- Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations) introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", 
"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2011-100.NASL", "href": "https://www.tenable.com/plugins/nessus/74514", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-100.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74514);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- Added a patch to fix errors in the pkcs11n.h header\n file. 
(bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations)\n introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen\n plaintext attack demonstrated by Rizzo and Duong\n (CVE-2011-3389) is enabled by default. Set the\n SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return\n the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken\n only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and\n /secmod.db anymore (bmo#641052, bnc#726096)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=726096\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected mozilla-nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debugsource-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", 
reference:\"mozilla-nss-devel-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libfreebl3 / libfreebl3-32bit / libfreebl3-debuginfo / etc\");\n}\n", "cvss": 
{"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:42:22", "description": "A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not be, depending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). 
The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack, because the attack exploits the vulnerability at the client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure.", "cvss3": {}, "published": "2012-04-16T00:00:00", "type": "nessus", "title": "SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "SSL3_TLS1_IV_IMPL_INFO_DISCLOSURE.NASL", "href": "https://www.tenable.com/plugins/nessus/58751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58751);\n script_version(\"1.43\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possible to obtain sensitive information from the remote\nhost with SSL/TLS-enabled services.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability exists in SSL 3.0 and TLS 1.0 that
could allow\ninformation disclosure if an attacker intercepts encrypted traffic\nserved from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an\naffected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or\none-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the\n'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL\nis initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the\nsetting can be controlled via the registry key\nHKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS\nimplementation, some may be vulnerable while others may not be,\ndepending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1\nprotocol implemented in the server. It does not detect the BEAST\nattack where it exploits the vulnerability at HTTPS client-side\n(i.e., Internet browser). 
The detection at server-side does not\nnecessarily mean your server is vulnerable to the BEAST attack,\nbecause the attack exploits the vulnerability at the client-side, and\nboth SSL/TLS clients and servers can independently employ the split\nrecord countermeasure.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://vnhacker.blogspot.com/2011/09/beast.html\");\n # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?649b81c1\");\n # https://support.microsoft.com/en-us/help/2643584/ms12-006-vulnerability-in-ssl-tls-could-allow-information-disclosure-j\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84775fd6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blogs.msdn.microsoft.com/kaushal/2012/01/20/fixing-the-beast/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.\nConfigure SSL/TLS servers to only support cipher suites that do not\nuse block ciphers. Apply patches if available.\n\nNote that additional configuration may be required after the\ninstallation of the MS12-006 security update in order to enable the\nsplit-record countermeasure. 
See Microsoft KB2643584 for details.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_supported_versions.nasl\");\n script_require_keys(\"SSL/Supported\");\n\n exit(0);\n}\n\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"ldap_func.inc\");\ninclude(\"nntp_func.inc\");\ninclude(\"smtp_func.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"x509_func.inc\");\ninclude(\"rsync.inc\");\ninclude(\"audit.inc\");\ninclude(\"string.inc\");\n\nglobal_var _ssl;\n\nif (!get_kb_item(\"Settings/PCI_DSS\") && !thorough_tests) exit(0, \"This plugin only runs if 'Thorough tests' is enabled or if PCI scanning is enabled.\");\n##\n# Get cipher description.\n#\n# @return Value of ciphers_desc[<name>] from ssl_funcs.inc.\n##\nfunction ssl3_get_cipher_desc()\n{\n local_var cipher, name;\n\n if (!isnull(_ssl['cipher_desc']))\n return _ssl['cipher_desc'];\n\n cipher = _ssl['cipher'];\n name = cipher_name(id:cipher);\n if (isnull(name)) return NULL;\n\n return ciphers_desc[name];\n}\n\n##\n# Checks whether a cipher is in a list of cipher suites.\n#\n# @anonparam cipher Cipher in question.\n# @anonparam ciphers List of cipher suites.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_cipher_in_list()\n{\n local_var cipher, ciphers, i, id, len;\n\n cipher = _FCT_ANON_ARGS[0];\n ciphers = _FCT_ANON_ARGS[1];\n\n len = strlen(ciphers);\n for (i = 0; i < len; i += 2)\n {\n id = substr(ciphers, i, i + 2 - 1);\n if (cipher == id) return TRUE;\n }\n\n return FALSE;\n}\n\n##\n# Split the key block into IVs, cipher keys, and MAC keys.\n#\n# @anonparam keyblk Key block derived from the master secret.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_set_keys()\n{\n local_var desc, mac_size, iv_size, key_size, keyblk, pos;\n local_var encrypt, mac;\n\n desc = ssl3_get_cipher_desc();\n if (isnull(desc)) return FALSE;\n\n encrypt = cipher_field(name:desc, field:\"encrypt\");\n mac = cipher_field(name:desc, field:\"mac\");\n\n keyblk = 
_FCT_ANON_ARGS[0];\n\n # Determine the size of the key block's fields.\n if ('SHA1' >< mac) mac_size = 20;\n else if ('MD5' >< mac) mac_size = 16;\n else return FALSE;\n\n if ('3DES-CBC(168)' >< encrypt) { key_size = 24; iv_size = 8; }\n else if ('DES-CBC(56)' >< encrypt) { key_size = 8; iv_size = 8; }\n else if ('AES-CBC(128)' >< encrypt) { key_size = 16; iv_size = 16; }\n else if ('AES-CBC(256)' >< encrypt) { key_size = 32; iv_size = 16; }\n else return FALSE;\n\n # Ensure the block is big enough.\n if (strlen(keyblk) < 2 * (mac_size + key_size + iv_size))\n return FALSE;\n\n # Extract the data from the key block.\n pos = 0;\n _ssl['enc_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['dec_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['enc_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['dec_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['enc_iv'] = substr(keyblk, pos, pos + iv_size - 1); pos += iv_size;\n _ssl['dec_iv'] = substr(keyblk, pos, pos + iv_size - 1);\n\n return TRUE;\n}\n\n##\n# Hashes data.\n#\n# @anonparam data Data to be hashed.\n#\n# @return Message digest of the given data.\n##\nfunction ssl3_hash()\n{\n local_var data, desc;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if ('SHA1' >< desc)\n return SHA1(data);\n\n if ('MD5' >< desc)\n return MD5(data);\n\n return NULL;\n}\n\n##\n# Compute the HMAC of the data.\n#\n# @anonparam data Data to be HMACed.\n# @anonparam key The key for the HMAC algorithm.\n#\n# @return HMAC of the given data.\n##\nfunction ssl3_hmac()\n{\n local_var data, desc, key;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n key = _FCT_ANON_ARGS[0];\n data = _FCT_ANON_ARGS[1];\n\n if ('SHA1' >< desc)\n return HMAC_SHA1(key:key, data:data);\n\n if ('MD5' >< 
desc)\n return HMAC_MD5(key:key, data:data);\n\n return NULL;\n}\n\n##\n# Computes the MAC of the data.\n#\n# @param client Whether the data is from the client or server.\n# @param data The data to be calculate the MAC of.\n# @param type The type of the record.\n#\n# @returns The MAC of the given data, in protocol-specific form.\n##\nfunction ssl3_mac(client, data, type)\n{\n local_var key, seq;\n\n if (isnull(client))\n client = TRUE;\n\n if (client)\n {\n key = _ssl['enc_mac_key'];\n seq = _ssl['clt_seq'];\n }\n else\n {\n key = _ssl['dec_mac_key'];\n seq = _ssl['srv_seq'];\n }\n\n # Encode the client sequence number.\n seq = mkdword(0) + mkdword(seq);\n\n if (_ssl['version'] == SSL_V3)\n {\n return ssl3_hash(\n key + # Key\n crap(data:'\\x5c', length:40) + # O-Pad\n ssl3_hash( #\n key + # Key\n crap(data:'\\x36', length:40) + # I-Pad\n seq + # 64-bit sequence number\n mkbyte(type) + # Record ID\n mkword(strlen(data)) + # Data length\n data # Data\n )\n );\n }\n\n if (_ssl['version'] == TLS_10)\n {\n return ssl3_hmac(\n key,\n seq + tls_mk_record(type:type, data:data, version:TLS_10)\n );\n }\n\n return NULL;\n}\n\n##\n# Encrypt or decrypt data.\n#\n# @anon param data input data\n# @param enc Whether to encrypt (TRUE) or decrypt (FALSE).\n#\n# @return Result of encrypting or decrypting the given data.\n##\nfunction ssl3_crypt(enc)\n{\n local_var data, desc, iv, key, out, ret;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"encrypt\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if (enc)\n {\n key = _ssl['enc_key'];\n iv = _ssl['enc_iv'];\n }\n else\n {\n key = _ssl['dec_key'];\n iv = _ssl['dec_iv'];\n }\n\n if ('3DES-CBC(168)' >< desc)\n {\n if (enc)\n ret = tripledes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = tripledes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n else if ('DES-CBC(56)' >< desc)\n {\n out = des_cbc_encrypt(data:data, key:key, iv:iv, encrypt:enc);\n if (enc)\n ret = make_list(out, substr(out, 
strlen(out) - 8));\n else\n ret = make_list(out, substr(data, strlen(data) - 8));\n }\n else if ('AES-CBC(128)' >< desc || 'AES-CBC(256)' >< desc)\n {\n if (enc)\n ret = aes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = aes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n\n if (isnull(ret)) return NULL;\n\n # Update IV for the next block.\n if (enc)\n _ssl['enc_iv'] = ret[1];\n else\n _ssl['dec_iv'] = ret[1];\n\n return ret[0];\n}\n\n##\n# Encrypt data with the block cipher.\n#\n# @anonparam data The data to be encrypted.\n#\n# @return The ciphertext of the given data.\n##\nfunction ssl3_encrypt()\n{\n local_var data, block_size, padlen;\n\n data = _FCT_ANON_ARGS[0];\n\n # Calculate how much padding is needed to fill the block.\n block_size = strlen(_ssl['enc_iv']);\n padlen = block_size - (strlen(data) % block_size);\n\n # Append the padding to the data.\n data += crap(data:mkbyte(padlen - 1), length:padlen);\n\n return ssl3_crypt(data, enc:TRUE);\n}\n\n##\n# Decrypt data with the block cipher.\n#\n# @anonparam data The data to be decrypted.\n#\n# @return The plaintext of the given data.\n##\nfunction ssl3_decrypt()\n{\n return ssl3_crypt(_FCT_ANON_ARGS[0], enc:FALSE);\n}\n\n##\n# Sets an error message\n#\n# @anonparam msg The error message.\n#\n# @return NULL.\n##\nfunction ssl3_set_error()\n{\n _ssl['error'] = _FCT_ANON_ARGS[0];\n\n return NULL;\n}\n\n##\n# Get last error message.\n#\n# @return Last error message.\n##\nfunction ssl3_get_lasterror()\n{\n return _ssl['error'];\n}\n\n##\n# Write data from an established SSL connection.\n#\n# @anonparam data Data to be written.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_write()\n{\n local_var data, dlen, mac, rec, rlen, sent, type;\n\n data = _FCT_ANON_ARGS[0];\n\n type = SSL3_CONTENT_TYPE_APPLICATION_DATA;\n dlen = strlen(data);\n\n # Compute the MAC of the unencrypted application data.\n mac = ssl3_mac(data:data, type:type);\n\n # Append the MAC to the data and encrypt everything.\n 
data = ssl3_encrypt(data + mac);\n\n # Make a record and send it to the server.\n rec = ssl_mk_record(type:type, data:data, version:_ssl['version']);\n rlen = strlen(rec);\n sent = send(socket:_ssl['sock'], data:rec);\n if (sent != rlen)\n return ssl3_set_error('ssl3_write(): Only sent ' + sent + ' of ' + rlen + ' bytes to port ' + _ssl['port'] + '.');\n\n _ssl['clt_seq']++;\n\n return dlen;\n}\n\n##\n# Read data from an established SSL connection.\n#\n# @param len Number of bytes to be read.\n#\n# @return Data read, or NULL if there is an error.\n##\nfunction ssl3_read(len)\n{\n local_var computed_mac, data, dlen, embedded_mac, end, i, maclen;\n local_var msg, padlen, rec, srv_seq, start, timeout;\n\n # Return data can be split into multiple records.\n while (TRUE)\n {\n # Check if we have received enough received data to satisfy the\n # caller.\n if (len && strlen(_ssl['app_data']) >= len)\n {\n # Remove the requested amount of data from the receive buffer.\n data = substr(_ssl['app_data'], 0, len - 1);\n _ssl['app_data'] -= data;\n\n return data;\n }\n\n # Receive an SSL message.\n # Some Microsoft Exchange servers take many seconds to reply to an\n # SMTP command, causing this check to false-negative.\n # Obey a longer read timeout, but make 15 seconds the minimum to\n # cope with these servers.\n timeout = get_read_timeout();\n if (timeout < 15)\n timeout = 15;\n msg = recv_ssl(socket:_ssl['sock'], timeout:timeout);\n if (isnull(msg)) break;\n\n # Parse the message, keeping in mind that the body is encrypted.\n rec = ssl_parse(blob:msg, encrypted:TRUE);\n if (isnull(rec))\n return ssl3_set_error('ssl3_read(): Failed to parse encrypted SSL record.');\n\n # Check protocol version.\n if (rec['version'] != _ssl['version'])\n return ssl3_set_error('ssl3_read(): SSL/TLS protocol version mismatch.');\n\n # Ensure that the record isn't an alert.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_ALERT)\n return ssl3_set_error('ssl3_read(): Alert received from port ' + 
_ssl['port'] + '.');\n\n # Decrypt the application data.\n data = ssl3_decrypt(rec['data']);\n dlen = strlen(data);\n\n # Check that padding on the data is sane.\n maclen = strlen(_ssl['enc_mac_key']);\n padlen = getbyte(blob:data, pos:dlen - 1);\n if (padlen + 1 + maclen > dlen)\n return ssl3_set_error('ssl3_read(): invalid padlen ' + padlen + '.');\n\n # Check pad bytes for TLS 1.0\n # For SSL 3.0, pad bytes can have arbitrary values\n # For TLS 1.0, each pad byte must be same as padlen\n if (_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(data[dlen - 2 -i]) != padlen)\n return ssl3_set_error('ssl3_read(): invalid block cipher padding.');\n }\n }\n\n # Extract the MAC, which is appended to the payload.\n end = dlen - (padlen + 1) - 1;\n start = end - maclen + 1;\n embedded_mac = substr(data, start, end);\n\n # Extract decrypted application data.\n end = start - 1;\n start = 0;\n data = substr(data, start, end);\n\n\n # Compute the MAC of the decrypted application data.\n computed_mac = ssl3_mac(data:data, type:rec['content_type'], client:FALSE);\n\n # Compare the embedded MAC and the computed MAC.\n if (computed_mac != embedded_mac)\n return ssl3_set_error('ssl3_read(): MACs do not match.');\n\n # The MAC was proper, so this packet is accepted.\n _ssl['srv_seq']++;\n\n # Add application data to our receive buffer.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_APPLICATION_DATA)\n {\n _ssl['app_data'] += data;\n _ssl['app_recs'] += 1;\n\n\n # Check for mitigation techniques:\n # - Empty records: OpenSSL uses this technique if\n # SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not set.\n # - One-byte records: Microsoft uses this technique.\n #\n # Check for split-record for the first 2 app data records\n if(_ssl['app_recs'] < 3)\n {\n if (isnull(data))\n _ssl['empty_rec'] = TRUE;\n else if (strlen(data) == 1)\n _ssl['one_byte_rec'] = TRUE;\n }\n }\n }\n\n # If the read length could not be satisfied, return whatever is in\n # the receive buffer, 
and clear it for future calls.\n data = _ssl['app_data'];\n _ssl['app_data'] = '';\n\n if (empty_or_null(data) && socket_get_error(_ssl['sock']) == ETIMEDOUT)\n return ssl3_set_error('ssl3_read(): Server did not reply after waiting ' + timeout + ' seconds. Consider increasing the read timeout in your scan policy.');\n\n return data;\n}\n\n##\n# Disconnect from the SSL server.\n##\nfunction ssl3_disconnect()\n{\n close(_ssl['sock']);\n}\n\n##\n# Tries to make an SSL/TLS connection to the server.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_connect()\n{\n local_var cert, cipher, ckex, clt_finished, clt_random;\n local_var dh_privkey, pubkey;\n local_var dh_x, e, embedded_mac, embedded_srv_finished;\n local_var end, hs, i,keyblk, len, mac, mac_size;\n local_var master, msg, n, padlen, parsed, pkt, plain, port;\n local_var premaster, rec, recs, skex, soc, srv_finished, srv_random;\n local_var start, version, x;\n\n # Get a socket to perform a handshake.\n port = _ssl['port'];\n soc = open_sock_ssl(port);\n if (!soc)\n return ssl3_set_error('ssl3_connect(): Failed to connect to port ' + port + '.');\n\n version = _ssl['version'];\n cipher = _ssl['cipher'];\n\n # Make a ClientHello msg.\n msg =\n mkword(version) + # Client version\n dec2hex(num:unixtime()) + # Challenge, epoch portion\n rand_str(length:28) + # Challenge, random portion\n ssl_vldata_put(data:'', len:1) + # Session ID\n ssl_vldata_put(data:cipher, len:2) + # Cipher spec\n ssl_vldata_put(data:'\\x00', len:1) + # Compression spec\n ssl_vldata_put(data:tls_ext_ec(keys(curve_nid.tls)), len:2); # supported curves\n msg = ssl_mk_handshake_msg(data:msg, type:SSL3_HANDSHAKE_TYPE_CLIENT_HELLO);\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the ClientHello record.\n send(socket:soc, data:rec);\n\n # Parse the ClientHello record.\n parsed = ssl_parse(blob:rec);\n clt_random = mkdword(parsed['time']) + parsed['random'];\n\n # Start collecting the 
bodies of handshake messages, which are used\n # to generate the encrypted Finished message.\n hs = substr(rec, 5, strlen(rec) - 1);\n\n # Read records one at a time. Expect to see at a minimum:\n # ServerHello, Certificate, and ServerHelloDone.\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not respond to ClientHello.');\n }\n\n # Collect the body of the message, including all records.\n hs += substr(recs, 5, strlen(recs) - 1);\n\n # ServerHello: Extract the random data for computation of keys.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO\n );\n\n if (!isnull(rec))\n {\n # Check handshake version returned by the server, and ensure\n # that it hasn't downgraded the version.\n if (rec['handshake_version'] != _ssl['version'])\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': SSL/TLS protocol version mismatch.');\n }\n\n srv_random = mkdword(rec['time']) + rec['random'];\n\n # Wacko SSL servers might return a cipher suite not in the\n # client's request list.\n if (!ssl3_cipher_in_list(mkword(rec['cipher_spec']), _ssl['cipher']))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server returned a cipher suite not in list supported by client.');\n }\n\n # Store the negotiated cipher suite.\n _ssl['cipher'] = rec['cipher_spec'];\n _ssl['cipher_desc'] = ssl3_get_cipher_desc();\n }\n\n # Certificate: Extract the server's public key.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE\n );\n\n if (!isnull(rec) && max_index(rec['certificates']) > 0)\n {\n # First cert in the chain should be the server cert.\n cert = parse_der_cert(cert:rec['certificates'][0]);\n if (isnull(cert))\n {\n close(soc);\n return 
ssl3_set_error('ssl3_connect() on port ' + port + ': server certificate could not be parsed.');\n }\n\n cert = cert['tbsCertificate'];\n }\n\n # Server Key Exchange.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE\n );\n\n if (!isnull(rec['data']))\n skex = ssl_parse_srv_kex(blob:rec['data'], cipher:_ssl['cipher_desc']);\n\n # Certificate Request.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE_REQUEST\n );\n\n if (!isnull(rec['data']))\n _ssl['clt_cert_requested'] = TRUE;\n\n # Server Hello Done.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO_DONE\n );\n\n if (!isnull(rec)) break;\n }\n\n # Packet will contain ClientCertificate, ClientKeyExchange,\n # ChangeCipherSpec, and Finished.\n pkt = '';\n\n # Create an empty client certificate if one is requested.\n if (_ssl['clt_cert_requested'])\n {\n # Send an empty certificate for now. 
TLSv1.0 says the client can\n # send an empty certificate, but not sure what SSLv3 says.\n msg = ssl_mk_handshake_msg(\n type : SSL3_HANDSHAKE_TYPE_CERTIFICATE,\n data : ssl_vldata_put(data:NULL,len:3)\n );\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n }\n\n # Process ServerCertificate and ServerKeyExchange messages.\n var desc_kex = cipher_field(name:_ssl['cipher_desc'], field:\"kex\");\n if (desc_kex =~ \"RSA($|\\()\")\n {\n if (isnull(cert))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': No server certificate was found.');\n }\n\n if (isnull(cert['subjectPublicKeyInfo']) || isnull(cert['subjectPublicKeyInfo'][1]))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': A server certificate with an unsupported algorithm was found.');\n }\n\n n = cert['subjectPublicKeyInfo'][1][0];\n e = cert['subjectPublicKeyInfo'][1][1];\n if(isnull(n) || isnull(e))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': Failed to extract public key from server certificate.');\n }\n\n # Create the premaster secret.\n premaster = mkword(version) + rand_str(length:46);\n\n # Encrypt the premaster secret with server's RSA public key.\n ckex = rsa_public_encrypt(data:premaster, n:n, e:e);\n\n # Encode the client key exchange data.\n #\n # It looks like TLS 1.0 and up prepend a two-byte length, but the\n # RFC is vague.\n if (_ssl['version'] >= TLS_10)\n ckex = ssl_vldata_put(data:ckex, len:2);\n }\n else if (desc_kex =~ \"ECDH($|\\()\" && ecc_functions_available())\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (ECDH).');\n }\n\n # Generate the client private key\n dh_privkey = rand_str(length:16);\n\n # Compute the premaster secret\n premaster = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey,\n 
x:substr(skex['pubkey'], 1, (strlen(skex['pubkey'])) / 2),\n y:substr(skex['pubkey'], (strlen(skex['pubkey']) / 2) + 1)\n );\n # Just the X coordinate of the curve point is used\n premaster = ecc_fe2osp(element:premaster.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n # Encode the client's DH public key\n pubkey = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey\n );\n\n pubkey.x = ecc_fe2osp(element:pubkey.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n pubkey.y = ecc_fe2osp(element:pubkey.y, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n ckex = ssl_vldata_put(\n # Uncompressed curve point encoding\n data:'\\x04' + pubkey.x + pubkey.y,\n len:1\n );\n }\n else if (desc_kex =~ \"DH($|\\()\")\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (DH).');\n }\n\n # Generate the client private key,\n x = rand_str(length:16);\n\n # Compute g^x mod p.\n dh_x = bn_mod_exp(skex['dh_g'], x, skex['dh_p']);\n\n # Compute the premaster secret.\n premaster = bn_mod_exp(skex['dh_y'], x, skex['dh_p']);\n\n # Encode the client key exchange data.\n ckex = ssl_vldata_put(data:dh_x, len:2);\n }\n else\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': unsupported key exchange method ' + _ssl['cipher_desc'] + '.');\n }\n\n # Create a ClientKeyExchange message.\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE, data:ckex);\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n\n # Compute the keys.\n master = ssl_calc_master(\n premaster : premaster,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n # For troubleshooting problems, when a PCAP is provided by a customer\n # and we need to see the encrypted application data records.\n set_kb_item(\n name:\"nss_keylog/\" + SCRIPT_NAME,\n value:\"CLIENT_RANDOM \" + 
hexstr(clt_random) + \" \" + hexstr(master)\n );\n\n keyblk = ssl_derive_keyblk(\n master : master,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n if (!ssl3_set_keys(keyblk))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect(): ssl3_set_keys() failed.');\n }\n\n # Compute the Finished value for the client.\n clt_finished = ssl_calc_finished(master:master, handshake:hs, is_client:TRUE, version:version);\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_FINISHED, data:clt_finished);\n\n # Compute the Finished value for the server.\n #\n # The server has one more handshake message (the client's Finished)\n # to include when computing its Finished value.\n hs += msg;\n srv_finished = ssl_calc_finished(master:master, handshake:hs, is_client:FALSE, version:version);\n\n # Compute the HMAC of the Finished message for the client.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE);\n\n # Append the HMAC to the message.\n msg += mac;\n\n # Encrypt the client Finished message\n msg = ssl3_encrypt(msg);\n\n # Append the ChangeCipherSpec and Finished records to the packet.\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_CHANGECIPHERSPEC, data:mkbyte(1), version:version);\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the packet.\n send(socket:soc, data:pkt);\n\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not send the Finished message.');\n }\n\n # Finished, but it's encrypted so we can't access the handshake\n # type with ssl_parse().\n rec = ssl_find(\n blob:recs,\n encrypted:TRUE,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE\n );\n if (isnull(rec)) continue;\n\n # Decrypt the record's body.\n plain = ssl3_decrypt(rec['data']);\n\n # Get the length of the padding.\n len = strlen(plain);\n padlen = getbyte(blob:plain, pos:len - 
1);\n mac_size = strlen(_ssl['enc_mac_key']);\n # Check pad length\n if (padlen + 1 + mac_size > len)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid padlen '+padlen+'.');\n }\n\n # Check pad bytes for TLS 1.0\n # Each pad byte must be the same as the padlen, per TLS 1.0 RFC\n if(_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(plain[len - 2 -i]) != padlen)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid block cipher padding.');\n }\n }\n }\n\n # Extract the MAC.\n end = len - (padlen + 1) - 1;\n start = end - mac_size + 1;\n embedded_mac = substr(plain, start, end);\n\n # Extract the Finished record.\n end = start - 1;\n start = 0;\n msg = substr(plain, start, end);\n\n # Extract the server's Finished value.\n #\n # Handshake message data starts after the 1-byte handshake type\n # and 3-byte handshake message length.\n embedded_srv_finished = substr(msg, 1 + 3);\n\n # Check the embedded MAC against ours.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE, client:FALSE);\n if (mac != embedded_mac)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': MACs do not match, failed to decrypt server Finished message.');\n }\n\n # Check the embedded Finished value against ours.\n if (srv_finished != embedded_srv_finished)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': bad server Finished message.');\n }\n\n # All tests have been passed, so the handshake phase is complete.\n break;\n }\n\n _ssl['sock'] = soc;\n _ssl['clt_seq']++;\n _ssl['srv_seq']++;\n\n return TRUE;\n}\n\n##\n# Initialize the SSL structure.\n#\n# @param port Port on which to make an SSL connection.\n# @param cipher_list A list of cipher suite IDs to support.\n# @param version The SSL version ID.\n#\n# @return TRUE if nothing went wrong.\n##\nfunction ssl3_init(port, cipher_list, version)\n{\n local_var cipher, supported;\n\n # Check 
for the existence of some crypto functions.\n if (!defined_func('bn_mod_exp'))\n {\n return ssl3_set_error('function bn_mod_exp() not defined.');\n }\n if (!defined_func('rsa_public_encrypt'))\n {\n return ssl3_set_error('function rsa_public_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_encrypt'))\n {\n return ssl3_set_error('function aes_cbc_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_decrypt'))\n {\n return ssl3_set_error('function aes_cbc_decrypt() not defined.');\n }\n\n # Check SSL version.\n if (version != SSL_V3 && version != TLS_10)\n {\n return ssl3_set_error('SSL/TLS version ' + hexstr(mkword(version)) + ' is not supported.');\n }\n _ssl['version'] = version;\n\n # Check cipher suites.\n supported =\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA'];\n\n foreach cipher (cipher_list)\n {\n if (!ssl3_cipher_in_list(cipher, supported))\n return ssl3_set_error(FALSE, 'cipher suite ' + hexstr(cipher) + ' is not supported.');\n }\n\n # Initially set to a list of cipher suites supported by the client.\n # When ServerHello is received, it's set to the agreed cipher.\n _ssl['cipher'] = '';\n foreach cipher (cipher_list)\n {\n _ssl['cipher'] += cipher;\n }\n\n # Sequence number is incremented for each SSL record sent in each\n # direction. It's 64 bits long and used when computing the MAC of a\n # message. We use a 32-bit sequence number here as we don't expect\n # to use more than 2^32 records. 
When the 64-bit number is required\n # for certain operations, we just prepend 4 zero bytes in the front.\n _ssl['clt_seq'] = 0;\n _ssl['srv_seq'] = 0;\n\n # SSL uses big endian format.\n set_byte_order(BYTE_ORDER_BIG_ENDIAN);\n\n # Keep track of whether the mitigation techniques are seen.\n _ssl['empty_rec'] = FALSE;\n _ssl['one_byte_rec'] = FALSE;\n\n # Whether a certificate has been requested by the server.\n _ssl['clt_cert_req'] = FALSE;\n\n # Keep track of received, unprocessed application data.\n _ssl['app_data'] = '';\n\n # Number of application data records received\n _ssl['app_recs'] = 0;\n\n _ssl['port'] = port;\n\n return TRUE;\n}\n\nget_kb_item_or_exit('SSL/Supported');\n\n# Get a port that uses SSL.\nport = get_ssl_ports(fork:TRUE);\n\nif (isnull(port))\n exit(1, 'The host does not appear to have any SSL-based services.');\n\n# Find out if the port is open.\nif (!get_port_state(port))\n audit(AUDIT_PORT_CLOSED, port);\n\n# Supported cipher suites used by this script.\ncipher_list = make_list(\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA']\n);\n\nif (ecc_functions_available())\n{\n # This list will be flattened on its own by make_list().\n cipher_list = make_list(\n cipher_list,\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA']\n );\n}\n\n\n# Try TLS 1.0 first.\nif (!ssl3_init(port:port, version:TLS_10, cipher_list:cipher_list))\n exit(1, 'ssl3_init() failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n# If that failed, try SSL 3.0.\nif (!ssl3_connect())\n{\n if (!ssl3_init(port:port, version:SSL_V3, cipher_list:cipher_list))\n exit(1, 'ssl3_init() 
failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n if (!ssl3_connect()) exit(1, ssl3_get_lasterror());\n}\n\n# Send some data to the SSL port so that some data can be returned in\n# order to test whether empty or one-byte records are used.\n\n# Create a simple HTTP GET request.\nhttp_req = http_mk_req(port:port, host:get_host_ip(), method:'GET', item:'/', add_headers:make_array('Connection','keep-alive'));\n\nsvc = known_service(port:port);\n\n# Create a service-specific message to solicit a response in order to\n# test for an empty or one-byte record.\nif (svc == 'www') req = http_mk_buffer_from_req(req:http_req);\nelse if (svc == 'smtp') req = 'EHLO client.example.org\\r\\n';\nelse if (svc == 'ftp') req = 'HELP\\r\\n';\nelse if (svc == 'ldap') req = ldap_bind_request();\nelse if (svc == 'imap') req = 'nessus CAPABILITY\\r\\n';\n\n# The following are not tested.\nelse if (svc == 'pop3') req = 'CAPA\\r\\n';\nelse if (svc == 'nntp') req = 'CAPABILITIES\\r\\n';\nelse if (svc == 'acap') req = 'nessus NOOP\\r\\n';\nelse if (svc == 'xmpp') req = '<nessus />\\n';\nelse if (svc == 'telnet') req = mkbyte(CMD_IAC) + mkbyte(CMD_DO) + mkbyte(5); # Do Status\n\n# Unknown service, send an HTTP request.\nelse req = http_mk_buffer_from_req(req:http_req);\n\n#\n# Read at least 2 application data records\n#\n# The fix for BEAST in IBMJSSE2 is to split the application data record to\n# 1/(n-1), except the first application data record.\n# So we need the second application data record to test whether it is split.\n#\nwhile(_ssl['app_recs'] < 2)\n{\n\n # Send the request.\n if (!ssl3_write(req))\n exit(1, ssl3_get_lasterror());\n\n # Read until no more application data from remote server\n data = ssl3_read();\n\n # Check response.\n if (isnull(data)) exit(1, ssl3_get_lasterror());\n if( data == '') exit(0, 'The service listening on port ' + port + ' did not return any data.');\n\n # 0/n split-record mitigation technique (OpenSSL)\n if (_ssl['empty_rec'])\n exit(0, 'The 
service listening on port ' + port + ' appears to use empty SSL/TLS records.');\n\n # 1/(n-1) split-record mitigation technique (MS)\n if (_ssl['one_byte_rec'])\n exit(0, 'The service listening on port ' + port + ' appears to use one-byte SSL/TLS records.');\n\n}\n\n# The SSL 3.0/TLS 1.0 server accepts a block-based cipher suite, but\n# doesn't use any mitigation techniques, so it is likely vulnerable.\nif (report_verbosity > 0)\n security_warning(port:port, extra:'\\nNegotiated cipher suite: ' + _ssl['cipher_desc'] + '\\n');\nelse\n security_warning(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:24:13", "description": "According to its banner, the remote host is running a version of Kerio Connect (formerly known as Kerio MailServer) prior to 8.1.0. It is, therefore, affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. 
A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2014-02-07T00:00:00", "type": "nessus", "title": "Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:kerio:connect"], "id": "KERIO_CONNECT_810.NASL", "href": "https://www.tenable.com/plugins/nessus/72393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72393);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote host is running a version of Kerio\nConnect (formerly known as Kerio MailServer) prior to 8.1.0. It is,\ntherefore, affected by an information disclosure vulnerability, known\nas BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the\nway the initialization vector (IV) is selected when operating in\ncipher-block chaining (CBC) modes. 
A man-in-the-middle attacker can\nexploit this to obtain plaintext HTTP header data, by using a\nblockwise chosen-boundary attack (BCBA) on an HTTPS session, in\nconjunction with JavaScript code that uses the HTML5 WebSocket API,\nthe Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.kerio.com/connect/history/older\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kerio Connect 8.1.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kerio:connect\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"kerio_kms_641.nasl\", \"kerio_mailserver_admin_port.nasl\");\n script_require_keys(\"kerio/port\");\n 
script_require_ports(\"Services/kerio_mailserver_admin\", 25, 465, 587);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item_or_exit('kerio/port');\nver = get_kb_item_or_exit('kerio/'+port+'/version');\ndisplay_ver = get_kb_item_or_exit('kerio/'+port+'/display_version');\n\n# Versions prior to 7 are called MailServer; versions after are called Connect\nif (ver =~ '^[0-6]\\\\.') product = \"Kerio MailServer\";\nelse product = \"Kerio Connect\";\n\n# Workaround works for 8.0.1 and later\nif (ver =~ '^8\\\\.0\\\\.[12]([^0-9]|$)' && report_paranoia < 2) audit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n\nfixed_version = \"8.1.0\";\n\nif (ver_compare(ver:ver, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity)\n {\n report =\n '\\n Product : ' + product +\n '\\n Installed version : ' + display_ver +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\n\naudit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-30T14:46:06", "description": "The remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. 
A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2012-01-10T00:00:00", "type": "nessus", "title": "MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS12-006.NASL", "href": "https://www.tenable.com/plugins/nessus/57474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57474);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"MSKB\", value:\"2585542\");\n script_xref(name:\"MSKB\", value:\"2638806\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possible to obtain sensitive information from the remote\nWindows host using the Secure Channel security package.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by an information disclosure\nvulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols\ndue to a flaw in the way the initialization vector (IV) is selected\nwhen operating in cipher-block chaining (CBC) modes. 
A\nman-in-the-middle attacker can exploit this to obtain plaintext HTTP\nheader data, by using a blockwise chosen-boundary attack (BCBA) on an\nHTTPS session, in conjunction with JavaScript code that uses the HTML5\nWebSocket API, the Java URLConnection API, or the Silverlight\nWebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,\nand 2008 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n 
script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS12-006';\nkbs = make_list('2585542', '2638806');\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvuln = 0;\nif (winver == '5.2')\n{\n rootfile = hotfix_get_systemroot();\n if (!rootfile) exit(1, \"Can't get the system root.\");\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:rootfile);\n path = ereg_replace(pattern:\"^[A-Za-z](.*)\", replace:\"\\1\", string:rootfile);\n\n login = kb_smb_login();\n pass = kb_smb_password();\n domain = kb_smb_domain();\n port = kb_smb_transport();\n\n if(! 
smb_session_init(timeout: get_read_timeout() + 10)) audit(AUDIT_FN_FAIL, \"smb_session_init\");\n\n hcf_init = TRUE;\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n winsxs = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\WinSxS\", string:rootfile);\n files = list_dir(basedir:winsxs, level:0, dir_pat:\"WinHTTP\", file_pat:\"^winhttp\\.dll$\", max_recurse:1);\n\n vuln += hotfix_check_winsxs(os:'5.2', sp:2, files:files, versions:make_list('5.2.3790.4929'), max_versions:make_list('5.2.3790.9999'), bulletin:bulletin, kb:'2638806');\n}\n\nkb = '2585542';\nif (!is_accessible_share()) exit(1, \"is_accessible_share() failed.\");\nif (\n # Windows 7 / Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.21861\", min_version:\"6.1.7601.21000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.17725\", min_version:\"6.1.7601.17000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.21092\", min_version:\"6.1.7600.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.16915\", min_version:\"6.1.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.22742\", min_version:\"6.0.6002.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.18541\", min_version:\"6.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Schannel.dll\", version:\"5.2.3790.4935\", dir:\"\\System32\", bulletin:bulletin, 
kb:kb) ||\n\n # Windows XP\n hotfix_is_vulnerable(os:\"5.1\", sp:3, arch:\"x86\", file:\"Schannel.dll\", version:\"5.1.2600.6175\", dir:\"\\System32\", bulletin:bulletin, kb:kb)\n)\n{\n vuln++;\n hotfix_check_fversion_end();\n}\nhotfix_check_fversion_end();\n\nif (vuln)\n{\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n hotfix_security_warning();\n\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:50:12", "description": "The version of Oracle HTTP Server installed on the remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_JAN_2015_LDAP.NASL", "href": "https://www.tenable.com/plugins/nessus/81003", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81003);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n 
script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is\naffected by an information disclosure vulnerability, known as BEAST,\nin the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the\ninitialization vector (IV) is selected when operating in cipher-block\nchaining (CBC) modes. A man-in-the-middle attacker can exploit this to\nobtain plaintext HTTP header data, by using a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses the HTML5 WebSocket API, the Java\nURLConnection API, or the Silverlight WebClient API.\");\n # https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?75c6cafb\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2015 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n 
script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"Oracle/OHS/Installed\");\ninstalls = get_kb_list_or_exit(\"Oracle/OHS/*/Version\");\nhascomp = FALSE;\n\n# For this check, we need Middleware home which should be\n# oracle_common one directory up\nforeach install (keys(installs))\n{\n mwohome = install - 'Oracle/OHS/';\n mwohome = mwohome - '/Version';\n\n mwohome = ereg_replace(pattern:'^(/.*/).*$', string:mwohome, replace:\"\\1oracle_common\");\n\n # Make sure the component that is being patched exists in\n # the Middleware home\n if (find_oracle_component_in_ohome(ohome:mwohome, compid:'oracle.ldap.rsf'))\n {\n hascomp = TRUE;\n mwinstalls[mwohome] = installs[install];\n }\n}\n\npatches = make_array();\npatches['12.1.3.0'] = make_list('19485414','22557350', '26398022', '24329181', '27244723', '30112527', '30692958');\npatches['12.1.2.0'] = make_list('19485397', '21768251', '21773977');\n\nif(hascomp)\n{\n 
oracle_product_check_vuln(\n product : 'Oracle HTTP Server',\n installs : mwinstalls,\n patches : patches\n );\n}\nelse exit(0, 'No Middleware Homes were found with the oracle.ldap.rsf component.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:36:34", "description": "NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 125358-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125358", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_125358-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107424);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (sparc) : 125358-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125358-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125358-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125358-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125358\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif 
(solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWprd\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:48:50", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability 
issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1 with these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-12-23T00:00:00", "type": "nessus", "title": "Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-17400.NASL", "href": "https://www.tenable.com/plugins/nessus/57389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17400.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57389);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(51133, 51134, 51135, 51136, 51137, 51138, 51139);\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n\n script_name(english:\"Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track 
status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1\nwith these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c50d6ac0\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13.1&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?132ae2a7\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1fa18268\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92f4593c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a6791be1\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05d0db8f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b974e724\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af682fa6\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01c5fc18\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"firefox-9.0-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-3.13.1-9.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-softokn-3.13.1-14.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-util-3.13.1-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-9.0-4.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"xulrunner-9.0-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / nss / nss-softokn 
/ nss-util / thunderbird / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:14:18", "description": "According to its SIP banner, the version of Asterisk running on the remote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to improper validation of user-supplied input when handling 'timert1' values. A remote attacker can exploit this to cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of FAT data in UDPTL packets. 
A remote attacker can exploit this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-02-12T00:00:00", "type": "nessus", "title": "Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2016_003.NASL", "href": "https://www.tenable.com/plugins/nessus/88715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88715);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(\n 49778,\n 82651,\n 82656,\n 82670\n );\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its SIP banner, the version of Asterisk running on the\nremote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST,\n exists in the SSL 3.0 and TLS 1.0 protocols due to a\n flaw in the way the initialization vector (IV) is\n selected when operating in cipher-block chaining (CBC)\n modes. 
A man-in-the-middle attacker can exploit this\n to obtain plaintext HTTP header data, by using a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n the HTML5 WebSocket API, the Java URLConnection API,\n or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to\n improper validation of user-supplied input when handling\n 'timert1' values. A remote attacker can exploit this to\n cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of\n FAT data in UDPTL packets. A remote attacker can exploit\n this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-003.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk version 11.21.1 / 13.7.1 / 11.6-cert12 /\n13.1-cert3. 
Alternatively, apply the appropriate patch referenced in\nthe vendor advisories.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/12\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\nasterisk_kbs = get_kb_list_or_exit(\"sip/asterisk/*/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n patch_only = FALSE;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from '\"+kb_name+\"'.\");\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port + \".\");\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing;\n # log error and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing.\");\n banner = 'unknown';\n }\n\n # Open Source 1.8.x\n # Patch does not change version.\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open Source 11.x\n if (version =~ \"^11([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"11.21.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Open Source 12.x\n # Patch does not change version\n else if (version =~ \"^12([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open 
Source 13.x\n else if (version =~ \"^13([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"13.7.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 1.8.28-certx\n # Patch does not change version.\n else if (version =~ \"^1\\.8\\.28([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Asterisk Certified 11.6-certx\n else if (version =~ \"^11\\.6([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"11.6-cert12\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 13.1-certx < 13.1-cert2\n else if (version =~ \"^13\\.1([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"13.1-cert3\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0 || patch_only == TRUE)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln) exit(0);\n else audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk\", not_vuln_installs);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T15:37:01", "description": "NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": 
"2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 125359-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125359", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_125359-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107926);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (x86) : 125359-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125359-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125359-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125359-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125359\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWprd\", 
version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:39:24", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. 
Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "nessus", "title": "Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:nspr", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:perl-gtk2-mozembed", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-17399.NASL", "href": "https://www.tenable.com/plugins/nessus/57622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57622);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n\n script_name(english:\"Fedora 15 : firefox-9.0.1-1.fc15 / 
gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47ee3616\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12cc855e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0bf1b5d3\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c745d9a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?648a9ef9\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ab134ef\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2aa50f32\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f1fb28a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e3ea6b9\"\n );\n # 
https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a402c324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"firefox-9.0.1-1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"gnome-python2-extras-2.25.3-35.fc15.4\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nspr-4.8.9-2.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-3.13.1-10.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-softokn-3.13.1-15.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-util-3.13.1-3.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"perl-Gtk2-MozEmbed-0.09-1.fc15.8\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-9.0-4.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"xulrunner-9.0.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if 
(report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / gnome-python2-extras / nspr / nss / nss-softokn / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:48:14", "description": "Matthias Andree reports :\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "nessus", "title": "FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:fetchmail", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18CE9A90F26911E1BE53080027EF73EC.NASL", "href": "https://www.tenable.com/plugins/nessus/61725", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. 
Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61725);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Matthias Andree reports 
:\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL)\nwhich contains a switch to disable a countermeasure against certain\nattacks against block ciphers that permit guessing the initialization\nvectors, providing that an attacker can make the application\n(fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.\");\n # https://vuxml.freebsd.org/freebsd/18ce9a90-f269-11e1-be53-080027ef73ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1aeae316\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:fetchmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"fetchmail>=6.3.9<6.3.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-01T15:10:43", "description": "According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or 7.0.0-OD-02. It is, therefore, potentially affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase. 
A man-in-the-middle attacker can exploit this, via a brute-force attack using LSB values, to decrypt the traffic.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2015-12-07T00:00:00", "type": "nessus", "title": "Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2808"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:atlassian:jira"], "id": "JIRA_6_4_10.NASL", "href": "https://www.tenable.com/plugins/nessus/87218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87218);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-2808\");\n script_bugtraq_id(73684);\n\n script_name(english:\"Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a web application that is potentially\naffected by a security feature bypass vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of\nAtlassian JIRA hosted on the remote web server is prior to 6.4.10 or\n7.0.0-OD-02. It is, therefore, potentially affected by a security\nfeature bypass vulnerability, known as Bar Mitzvah, due to improper\ncombination of state data with key data by the RC4 cipher algorithm\nduring the initialization phase. 
A man-in-the-middle attacker can\nexploit this, via a brute-force attack using LSB values, to decrypt\nthe traffic.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4bbf45ac\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Atlassian JIRA version 6.4.10 / 7.0.0-OD-02 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-2808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/07\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:atlassian:jira\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"jira_detect.nasl\");\n script_require_keys(\"installed_sw/Atlassian JIRA\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 8080);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Atlassian JIRA\";\nget_install_count(app_name:app_name, exit_if_zero:TRUE);\n\nport = get_http_port(default:8080);\n\ninstall = get_single_install(\n app_name : app_name,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\n# Prevent potential false positives.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\ndir = install['path'];\nver = install['version'];\n\nurl = build_url(port:port, qs:dir);\n\nfix = NULL;\n\n# Match versions 7.x.x - 7.0.0-OD-01\nif (ver =~ \"^(7\\.0\\.0|7\\.0\\.0-OD-(0[01]))$\")\n fix = \"7.0.0-OD-02\";\n\n# Match versions 1.x - 6.4.9\nif (ver =~ \"^([0-6]\\.[0-4]|[0-5]\\.[0-9]|[0-5]\\.[0-9][0-9]|[0-5]\\.[0-9][0-9]\\.[0-9]|[0-6]\\.[0-3]\\.[1-9][0-9]|[0-6]\\.[0-4]\\.[0-9])$\")\n fix = \"6.4.10\";\n\nif (!isnull(fix))\n{\n if (report_verbosity > 0)\n { \n report =\n '\\n URL : ' + url +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + \"6.4.10 / 7.0.0-OD-02\" +\n '\\n';\n\n security_warning(port:port, extra:report);\n }\n else security_warning(port:port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app_name, url, ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T16:05:37", "description": "The remote host is missing AIX PTF U863668, which is related to the security of the package bos.net.tcp.server.\n\nProduct could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. 
A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt SSL sessions and access the plaintext of encrypted connections.", "cvss3": {}, "published": "2015-12-04T00:00:00", "type": "nessus", "title": "AIX 6.1 TL 9 : bos.net.tcp.server (U863668) (Bar Mitzvah)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2808"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_U863668.NASL", "href": "https://www.tenable.com/plugins/nessus/87185", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were extracted\n# from AIX Security PTF U863668. The text itself is copyright (C)\n# International Business Machines Corp.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87185);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-2808\");\n\n script_name(english:\"AIX 6.1 TL 9 : bos.net.tcp.server (U863668) (Bar Mitzvah)\");\n script_summary(english:\"Check for PTF U863668\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is missing AIX PTF U863668, which is related to the\nsecurity of the package bos.net.tcp.server.\n\nProduct could allow a remote attacker to obtain sensitive information,\ncaused by a design error when using the SSLv3 protocol. 
A remote user\nwith the ability to conduct a man-in-the-middle attack could exploit\nthis vulnerability via a POODLE (Padding Oracle On Downgraded Legacy\nEncryption) attack to decrypt SSL sessions and access the plaintext of\nencrypted connections.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV73976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www-01.ibm.com/support/docview.wss?uid=isg1IV74927\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate missing security-related fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/08\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AIX/oslevel\", \"Host/AIX/version\", \"Host/AIX/lslpp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! 
get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\n\nif ( aix_check_patch(ml:\"610009\", patch:\"U863668\", package:\"bos.net.tcp.server.6.1.9.100\") < 0 ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-20T15:45:15", "description": "The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the 'Bar Mitzvah' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-16T00:00:00", "type": "nessus", "title": "IBM HTTP Server 8.5.0.0 <= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 Information Disclosure (260001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2808"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:ibm:http_server"], "id": "IBM_HTTP_SERVER_260001.NASL", "href": "https://www.tenable.com/plugins/nessus/144303", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144303);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-2808\");\n script_bugtraq_id(73684);\n\n script_name(english:\"IBM HTTP Server 8.5.0.0 
<= 8.5.5.5 / 8.0.0.0 <= 8.0.0.10 / 7.0.0.0 <= 7.0.0.37 Information Disclosure (260001)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM HTTP Server running on the remote host is affected by a vulnerability. The RC4 algorithm, as used in\nthe TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase,\nwhich makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream\nby sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a\nbrute-force approach involving LSB values, aka the 'Bar Mitzvah' issue.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/260001\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM HTTP Server version 8.5.5.6, 8.0.0.11, 7.0.0.39 or later. 
Alternatively, upgrade to the minimal fix pack\nlevel required by the interim fix and then apply Interim Fix PI34229.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-2808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_http_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM HTTP Server (IHS)\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'IBM HTTP Server (IHS)';\n\napp_info = vcf::get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n if ('PI34229' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n { 'min_version' : '8.5.0.0', 'max_version' : '8.5.5.5', 'fixed_display' : '8.5.5.6 or Interim Fix PI34229'},\n { 'min_version' : '8.0.0.0', 'max_version' : '8.0.0.10', 'fixed_display' : '8.0.0.11 or Interim Fix PI34229'},\n { 'min_version' : '7.0.0.0', 'max_version' : '7.0.0.37', 'fixed_display' : '7.0.0.39 or Interim Fix PI34229'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:15:12", "description": "The remote host is missing AIX PTF U867669, which is related to the security of the package bos.net.tcp.server.\n\nProduct could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird-lightning on Fedora 16\";\ntag_insight = \"Lightning brings the Sunbird calendar to the popular email client,\n Mozilla Thunderbird. Since it's an extension, Lightning is tightly\n integrated with Thunderbird, allowing it to easily perform email-related\n calendaring tasks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\");\n script_id(864037);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird-lightning\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : 
tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:28", "description": "Check for the Version of nss-util", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:863691", "href": "http://plugins.openvas.org/nasl.php?oid=863691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-util on Fedora 15\";\ntag_insight = \"Utilities for Network Security Services and the Softoken module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\");\n script_id(863691);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:34 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863804\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:18:59 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via th