IBMBD8C0A1C6CF7A152703C30BB58CB250DE8EF6981B86403CF103D9F8401EAC584Security Bulletin: A vulnerability in the GSKIT component of the Core Framework affects IBM Performance Management products (CVE-2016-2183)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Summary
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
Vulnerability Details
CVEID: CVE-2016-2183**
DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116337 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Monitoring 8.1.3
IBM Application Diagnostics 8.1.3
IBM Application Performance Management 8.1.3
IBM Application Performance Management Advanced 8.1.3
IBM Cloud Application Performance Management
Remediation/Fixes
Product
| Product
VRMF| Remediation
—|—|—
IBM Monitoring
IBM Application Diagnostics
IBM Application Performance Management
IBM Application Performance Management Advanced
| 8.1.3| The vulnerability can be remediated by applying the Core Framework patch 8.1.3.0-IBM-IPM-CORE-FRAMEWORK-IPM-IF0002 to all systems where Performance Management agents are installed:
http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400003263
IBM Cloud Application Performance Management| N/A| If your subscription was upgraded to version 8.1.3.2, upgrade your existing Performance Management agents to the version 8.1.3.2 agent packages.
If your subscription is not yet upgraded to version 8.1.3.2, the vulnerability can be remediated by applying the Core Framework patch 8.1.3.1.0-IBM-IPM-CORE-FRAMEWORK-IPM-IF0001 to all systems where Performance Management agents are installed:
http://dbluewas1.pok.ibm.com/support/docview.wss?rs=0&uid=isg400001574
| CPE | Name | Operator | Version |
|---|---|---|---|
| tivoli monitoring | eq | 8.1.3 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N