## Summary
The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Security Network Intrusion Prevention System.
## Vulnerability Details
**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
Products: GX3002, GX4002, GX4004, GX4004-v2, GX5008, GX5008-v2, GX5108, GX5108-v2, GX5208, GX5208-v2, GX6116, GX7412, GX7412-10, GX7412-05, GX7800, GV200, GV1000
Firmware versions 4.6.2, 4.6.1, 4.6, 4.5, 4.4, and 4.3
## Remediation/Fixes
| Product | VRMF | Remediation/First Fix |
|---|---|---|
| IBM Security Network Intrusion Prevention System | Firmware version 4.6.2 | [4.6.2.0-ISS-ProvG-AllModels-System-FP0009](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
| IBM Security Network Intrusion Prevention System | Firmware version 4.6.1 | [4.6.1.0-ISS-ProvG-AllModels-System-FP0013](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
| IBM Security Network Intrusion Prevention System | Firmware version 4.6 | [4.6.0.0-ISS-ProvG-AllModels-System-FP0011](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
| IBM Security Network Intrusion Prevention System | Firmware version 4.5 | [4.5.0.0-ISS-ProvG-AllModels-System-FP0013](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
| IBM Security Network Intrusion Prevention System | Firmware version 4.4 | [4.4.0.0-ISS-ProvG-AllModels-System-FP0013](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
| IBM Security Network Intrusion Prevention System | Firmware version 4.3 | [4.3.0.0-ISS-ProvG-AllModels-System-FP0011](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security+Systems&product=ibm/Tivoli/Proventia+Network+Intrusion+Prevention+System&release=All&platform=All&function=all>) |
You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.
## Workarounds and Mitigations
As the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise, system availability may be affected.
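The client-side defence adopted in response to Logjam, as an added example that is not part of the IBM bulletin: a parser for the ServerDHParams structure carried in a TLS 1.2 DHE ServerKeyExchange (RFC 5246, section 7.4.3) that rejects export-grade 512-bit groups and anything below a policy minimum, which is exactly the size check a client needs because the downgraded handshake otherwise looks like an ordinary DHE exchange. The 2048-bit threshold and the sample groups are constructed assumptions (the samples are odd numbers of the stated bit length, not real primes).

```python
# Added example, not code from the IBM bulletin: the minimum-DH-prime-size check
# that TLS clients added after Logjam. It parses ServerDHParams (RFC 5246 7.4.3)
# from a DHE ServerKeyExchange and rejects export-grade or sub-policy groups.
import struct

EXPORT_GRADE_MAX_BITS = 512   # DHE_EXPORT groups were limited to 512-bit primes
MIN_ACCEPTED_BITS = 2048      # assumed policy threshold for this example


def encode_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Serialize ServerDHParams: dh_p, dh_g, dh_Ys, each a uint16-length-prefixed big-endian integer."""
    out = b""
    for value in (p, g, ys):
        raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
        out += struct.pack("!H", len(raw)) + raw
    return out


def parse_server_dh_params(data: bytes) -> dict:
    """Parse ServerDHParams and return p, g, Ys as integers plus the bytes consumed."""
    offset = 0
    fields = {}
    for name in ("p", "g", "Ys"):
        if offset + 2 > len(data):
            raise ValueError(f"truncated before length of dh_{name}")
        (length,) = struct.unpack_from("!H", data, offset)
        offset += 2
        if length == 0 or offset + length > len(data):
            raise ValueError(f"invalid length {length} for dh_{name}")
        fields[name] = int.from_bytes(data[offset:offset + length], "big")
        offset += length
    fields["consumed"] = offset
    return fields


def assess_dh_group(p: int, g: int, ys: int) -> str:
    """Return 'accept' or a 'reject: ...' reason, as a Logjam-aware client would."""
    bits = p.bit_length()
    if p % 2 == 0 or bits < 64:
        return "reject: malformed prime"
    if bits <= EXPORT_GRADE_MAX_BITS:
        return f"reject: export-grade DH group ({bits} bits)"
    if bits < MIN_ACCEPTED_BITS:
        return f"reject: DH group below policy minimum ({bits} < {MIN_ACCEPTED_BITS} bits)"
    if not (2 <= g <= p - 2):
        return "reject: generator out of range"
    if not (2 <= ys <= p - 2):
        return "reject: server public value out of range"
    return "accept"


def check_server_key_exchange(body: bytes) -> str:
    """Parse the ServerKeyExchange params and apply the policy; parse errors become rejections."""
    try:
        params = parse_server_dh_params(body)
    except ValueError as exc:
        return f"reject: {exc}"
    return assess_dh_group(params["p"], params["g"], params["Ys"])


# Constructed sample groups (assumption): odd numbers of the stated bit length,
# NOT real primes. The check measures size and range, which is what the
# Logjam mitigation keys on, so the arithmetic properties do not matter here.
SAMPLE_GROUPS = {
    "export-512": ((1 << 511) | 0x2B, 2, 0xC0FFEE),
    "legacy-1024": ((1 << 1023) | 0x2B, 2, 0xC0FFEE),
    "modern-2048": ((1 << 2047) | 0x2B, 2, 0xC0FFEE),
}


def run_samples() -> dict:
    """Evaluate each constructed sample as if it were a received ServerKeyExchange."""
    return {name: check_server_key_exchange(encode_server_dh_params(*group))
            for name, group in SAMPLE_GROUPS.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name}: {verdict}")
```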
choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThe SOAP Gateway component of the IMS\u2122 Enterprise Suite Versions 3.1 and earlier.\n\n## Workarounds and Mitigations\n\n**Java 7 and Java 8 Mitigation:** \n\n\n1\\. Disable the DH and DHE cipher suites. This can be achieved by adding the DH and DHE cipher suites to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file:\n\n 
\n\n\nSSL_DHE_RSA_WITH_AES_256_CBC_SHA256\n\nSSL_DHE_DSS_WITH_AES_256_CBC_SHA256\n\nSSL_DHE_RSA_WITH_AES_256_CBC_SHA\n\nSSL_DHE_DSS_WITH_AES_256_CBC_SHA\n\nSSL_DHE_RSA_WITH_AES_128_CBC_SHA256\n\nSSL_DHE_DSS_WITH_AES_128_CBC_SHA256\n\nSSL_DHE_RSA_WITH_AES_128_CBC_SHA\n\nSSL_DHE_DSS_WITH_AES_128_CBC_SHA\n\nSSL_DHE_DSS_WITH_AES_256_GCM_SHA384\n\nSSL_DHE_RSA_WITH_AES_256_GCM_SHA384\n\nSSL_DHE_RSA_WITH_AES_128_GCM_SHA256\n\nSSL_DHE_DSS_WITH_AES_128_GCM_SHA256\n\nSSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n\nSSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA\n\nSSL_DH_anon_WITH_AES_256_GCM_SHA384\n\nSSL_DH_anon_WITH_AES_128_GCM_SHA256\n\nSSL_DH_anon_WITH_AES_256_CBC_SHA256\n\nSSL_DH_anon_WITH_AES_256_CBC_SHA\n\nSSL_DH_anon_WITH_AES_128_CBC_SHA256\n\nSSL_DH_anon_WITH_AES_128_CBC_SHA\n\nSSL_DH_anon_WITH_3DES_EDE_CBC_SHA\n\nSSL_DH_anon_WITH_RC4_128_MD5\n\nSSL_DHE_RSA_WITH_DES_CBC_SHA\n\nSSL_DHE_DSS_WITH_DES_CBC_SHA\n\nSSL_DH_anon_WITH_DES_CBC_SHA\n\nSSL_DHE_DSS_WITH_RC4_128_SHA\n\nSSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\n\nSSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA\n\nSSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA\n\nYou should verify applying this configuration change does not cause any compatibility issues. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n**Important note: **IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes will be posted to this portal. 
IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-06-01T13:05:44", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IMS\u2122 Enterprise Suite: SOAP Gateway (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-06-01T13:05:44", "id": "7340E3F23C51568EABC2A1B9C16B7F43FF518BC86EC0742E99E2F706100E06F9", "href": "https://www.ibm.com/support/pages/node/529007", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:47:59", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM eDiscovery Analyzer.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite 
choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM eDiscovery Analyzer Version 2.2 \n\nIBM eDiscovery Analyzer Version 2.2.1\n\nIBM eDiscovery Analyzer Version 2.2.2\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nThe Logjam attack, which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol, may affect IBM eDiscovery Analyzer. In order to protect the installation from this vulnerability, DH/DHE ciphers should be disabled. This can be accomplished by ensuring that all of the following strings are specified as item elements in the array under the ExcludeCipherSuites element of Jetty.xml: \n \nTLS_DHE_RSA_WITH_AES_256_CBC_SHA256 \nTLS_DHE_DSS_WITH_AES_256_CBC_SHA256 \nTLS_DHE_RSA_WITH_AES_256_CBC_SHA \nTLS_DHE_DSS_WITH_AES_256_CBC_SHA \nTLS_DHE_RSA_WITH_AES_128_CBC_SHA256 \nTLS_DHE_DSS_WITH_AES_128_CBC_SHA256 \nTLS_DHE_RSA_WITH_AES_128_CBC_SHA \nTLS_DHE_DSS_WITH_AES_128_CBC_SHA \nTLS_DHE_DSS_WITH_AES_256_GCM_SHA384 \nTLS_DHE_RSA_WITH_AES_256_GCM_SHA384 \nTLS_DHE_RSA_WITH_AES_128_GCM_SHA256 \nTLS_DHE_DSS_WITH_AES_128_GCM_SHA256 \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Not disabling the DH or DHE cipher suites will expose you to the Logjam attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T12:11:23", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM eDiscovery Analyzer (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T12:11:23", "id": "AA65E01A5ADB89712C52EF9ED38433CC0B89DDE0A18D8B93797A201A1B88A405", "href": "https://www.ibm.com/support/pages/node/528463", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:38:25", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect Rational Developer for System z. This includes the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). 
Rational Developer for System z has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n| **Subscribe to My Notifications to be notified of important product support alerts like this.**\n\n * Follow [this link](<https://www.ibm.com/systems/support/myview/subscription/css.wss/subscriptions?methodName=startSearchToSubscribe&uctug_rational_dcfsbblurb_2013-11-05_myn_adoption_promo>) for more information (requires login with your IBM ID) \n---|--- \n \n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| **Affected Supporting Product and Version** \n---|--- \nRational Developer for System z, versions 8.5.x, 9.0.x, 9.1.x| \n\n * IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 and earlier\n * ## Remediation/Fixes \n \nIBM has provided patches for all affected versions. \n \nFollow the installation instructions in the README files included with the patch. 
\n \nThe fix can be obtained at the following locations: \n\n\n * [Rational Developer for System z Interim Fix 5 for 8.5.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040385>)\n * [Rational Developer for System z Interim Fix 5 for 9.0.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040384>)\n * [Rational Developer for System z Interim Fix 5 for 9.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg24040383>)\n\nAs the length of the server key size increases, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Please carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be impacted. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-10-27T15:51:50", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Developer for System z (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-10-27T15:51:50", "id": "DC57438D564B92B5261B541A39F338A5C9FAE604E371F12C2D4293F9D72214B8", "href": "https://www.ibm.com/support/pages/node/533143", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:43:29", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM UrbanCode Release. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. 
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\n**CVSS Base Score:** 4.3 \n**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \n**CVSS Environmental Score*:** Undefined \n**CVSS Vector: **(AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier. \n\n## Remediation/Fixes\n\nThis issue is fixed in the following release: \n\n * [IBM UrbanCode Release 6.1.1.9](<http://www.ibm.com/support/docview.wss?uid=swg24040308>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T22:32:04", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM UrbanCode Release (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T22:32:04", "id": 
"6B8EC9D9D398736C2EB8A35C24912E8DF2080F374923CF0E01A3C9C1156F7639", "href": "https://www.ibm.com/support/pages/node/530913", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-12T21:34:43", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects TS3400.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \n****DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nFirmware versions below 0055.\n\n## Remediation/Fixes\n\nUpdate to firmware version 0055 or greater. \n \nAs the length of the server key size increases, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T00:09:43", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS3400 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-18T00:09:43", "id": "EF37F55BDAA7C23938ACD87E25A2EC35E294C9E979A0AA4A909DA2B9AD9237A4", "href": "https://www.ibm.com/support/pages/node/690523", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:20", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Tivoli Netcool Service Quality Manager. 
\n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThis vulnerability affects Tivoli Netcool Service Quality Manager 4.1.4\n\n## Remediation/Fixes\n\nIBM has provided patches for all affected versions. \nThe IBM Java Runtime Environment Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 11 can be downloaded from the IBM Fix Central site: \n<https://delivery04.dhe.ibm.com/sar/CMA/WSA/05f7p/0/j564redist.tar.gz> \n \nTo install the patch the following procedure has to be performed on TNSQM servers: \n \n$ sap stop \n$ sapmon stop \n$ sapmgr stop \n$ cd ${WMCROOT}/java \n$ mv jre jre.old \n$ gunzip -c <location of patch>/j564redist.tar.gz | tar -xf - \n$ sapmon start \n$ sapmgr start \n$ sap start \n \nThe Logjam attack which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol may affect some configurations in WebSphere Application Server. WebSphere Application Server has DH and DHE ciphers included in the \"STRONG\" or \"HIGH\", \"MEDIUM\" and \"LOW\" cipher lists. They also could be present if you have a \"CUSTOM\" list of ciphers. 
You will need to remove any of the ciphers that begin with SSL_* or TLS_* that also have DH or DHE in the Name from your WebSphere Application Server SSL configuration. This does NOT include ciphers that have ECDH or ECDHE in the Name, these are elliptic curve Diffie-Hellman ciphers and they are not affected. \n \nYou can view the administrative console page to change the settings, click **Security > SSL certificate and key management**. Under Configuration settings, click** Manage endpoint security configurations > {Inbound | Outbound} > ****_ssl_configuration_**. Under Related items, click **SSL configurations > **. Click on {_SSL_configuration_name_ }. Under **Additional Properties**, click **Quality of protection (QoP) settings**. \nFor more information on the Quality of Protection settings refer to the Knowledge Center:[_http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_sslqualprotect.html?lang=en_](<http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_sslqualprotect.html?lang=en>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:04:05", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers affects IBM Tivoli Netcool Service Quality Manager (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", 
"availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:04:05", "id": "E92AA27F03E5AF91B1903547248DC2ABD2A1AAA86CD439FA495889D5492AAC30", "href": "https://www.ibm.com/support/pages/node/530269", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:53:54", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM DB2 Recovery Expert for Linux, UNIX, and Windows\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM DB2 Recovery Expert for Linux, UNIX, and Windows versions 3.1 through 4.1\n\n## Remediation/Fixes\n\nReplace existing JRE with JRE V7 SR9-Fix Pack 1 (<http://www-01.ibm.com/support/docview.wss?uid=swg21639279>). 
\n\nYou can replace the IBM Runtime Environment, Java\u2122 Technology Edition that is installed with IBM DB2 Recovery Expert for Linux, UNIX, and Windows with the latest IBM Runtime Environment, Java\u2122 Technology Edition following the detailed instructions provided in the tech-note \"[_Updating the JRE for DB2 Recovery Expert for Linux, UNIX and Windows_](<http://www-01.ibm.com/support/docview.wss?uid=swg21644942>)\". \n\n## Workarounds and Mitigations\n\n \nDisable the DH and DHE cipher suites by adding \"DH, DHE\" to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in java.security file. \n\nEdit the java.security file that is located in the Recovery Expert installation directory: \n` \n/jre/lib/security/java.security` \n \nAdd the following line and save the file: \n` \njdk.tls.disabledAlgorithms=DH, DHE` \n \nIf the jdk.tls.disabledAlgorithms property was already enabled (without a \"#\" character at the beginning of the line), i.e.: \n` \njdk.tls.disabledAlgorithms=SSLv3` \n \nthen append the text _\", DH, DHE\"_ to the end of the line and save the file. \n` \njdk.tls.disabledAlgorithms=SSLv3``**, DH, DHE**` \n \nRestart the Recovery Expert server for this change to take effect. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T13:11:21", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects\u00a0IBM DB2 Recovery Expert for Linux, UNIX and Windows\u00a0(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T13:11:21", "id": "060D29075221E3BD4B66B9D7EDFCE3AD2F7BA256EACA045B6B1D4962B9C60AA4", "href": "https://www.ibm.com/support/pages/node/529809", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:46:53", "description": "## Summary\n\nThe IBM Tivoli Storage Manager client (IBM Spectrum Protect) is shipped as a component of IBM Tivoli Storage FlashCopy Manager for Windows (IBM Spectrum Protect Snapshot). 
Information about a security vulnerability affecting the IBM Tivoli Manager client has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin[ **Vulnerability in Diffie-Hellman ciphers affects the IBM Tivoli Storage Manager Client and the IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware data mover (CVE-2015-4000)**](<http://www.ibm.com/support/docview.wss?uid=swg21972372>) for vulnerability details and information about the fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nTivoli Storage Manager FlashCopy Manager for Windows version 4.1| Tivoli Storage Manager client version 7. \n \n**Note:** Within the Tivoli Storage FlashCopy Manager product on Windows, the Tivoli Storage Manager Client is also known as the FlashCopy Manager VSS Requestor component.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:14:17", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in the Tivoli Storage Manager Client shipped with IBM Tivoli Storage FlashCopy Manager for Windows (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", 
"accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:14:17", "id": "C1DB9DF00AB208BADC001393BCFE99FE4AD1B2C7C68488061EC684A276D26990", "href": "https://www.ibm.com/support/pages/node/274381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:30", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM PureApplication System. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM PureApplication System V2.1 \nIBM PureApplication System V2.0 \nIBM PureApplication System V1.1 \n\n## Remediation/Fixes\n\nThe solution is to upgrade the IBM PureApplication System to the following fix level: \n \nIBM PureApplication System V2.1 \nUpgrade to IBM PureApplication System V2.1.0.2 \n \nIBM PureApplication System V2.0 \nUpgrade to IBM PureApplication System V2.0.0.1 Interim Fix 5 \n \nIBM PureApplication System V1.1 and earlier: \nContact IBM customer support for upgrade options. 
\n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM PureApplication System. 
(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:31", "id": "7275F85478A777D644550D45ACA5A98C079C0BECFEE5DDF61F7351735EE1D7D8", "href": "https://www.ibm.com/support/pages/node/535651", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T05:37:53", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Real-time Compression Appliance \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)\n\n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. 
This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nReal-time Compression Appliance releases \n\n\u00b7 3.8\n\n\u00b7 3.9\n\n\u00b7 4.1\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T00:09:44", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Real-time Compression Appliance (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-18T00:09:44", "id": "E47471C8378F0098D1B6B7659731830AD39260FEC72F155F7C4E267A79FB1091", "href": "https://www.ibm.com/support/pages/node/690537", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:52:55", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol 
may affect IBM Sterling B2B Integrator and IBM Sterling File Gateway based on customer configuration and use. \n\n## Vulnerability Details\n\n**CVE ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n \n**DESCRIPTION: **The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \n**CVSS:** \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Sterling B2B Integrator 5.2 \nIBM Sterling File Gateway 2.2 \nSterling Integrator 5.1 \nSterling File Gateway 2.1\n\n## Remediation/Fixes\n\n**IBM\u00ae SDK Java**** or Oracle Java SE update is necessary since the following components use default ciphers from ****IBM\u00ae SDK Java**** or Oracle Java SE:**\n\n\u00b7 **Dashboard and all other UIs**\n\n\u00b7 **JMS 1.1 adapter and service**\n\n\u00b7 **SMTP Send adapter**\n\n\u00b7 **B2B Mail Client adapter**\n\n**See the following tables for upgrading ****IBM\u00ae SDK Java**** or Oracle Java SE****.**** \n \n****After upgrading, you must stop and restart Sterling B2B Integrator in order for new IBM\u00ae SDK Java**** or Oracle Java SE**** to take effect.**** \n**\n\n**Product & Version**\n\n| \n\n**Remediated Fix** \n \n---|--- \n**Sterling Integrator 5.1 or \nSterling File Gateway 2.1**| \n\n1\\. **Upgrade Sterling Integrator to Build 5104. **\n\n2\\. 
**Go to the**[** ****_Fix Central for IBM Java fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/Java&release=All&platform=All&function=all>)** to download IBM\u00ae SDK Java\u2122 Technology Edition, Version 6 Service Refresh 16 Fix Pack 5 and subsequent releases. \n \nFor Solaris and HP-UX, refer to the Java vendor to find the appropriate version that addresses ****Logjam**** vulnerability.**\n\n3\\. **Make configuration changes as specified in the Workarounds and Mitigations section below.** \n \n**IBM Sterling B2B Integrator 5.2 or \nIBM Sterling File Gateway 2.2**| \n\n1\\. **Upgrade Sterling B2B Integrator to V5.2.5.0**\n\n2\\. **Go to the**[** ****_Fix Central for IBM Java fixes_**](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/Java&release=All&platform=All&function=all>)** to download IBM\u00ae SDK Java\u2122 Technology Edition, Version 7 Service Refresh 9 Fix Pack 1 and subsequent releases. **\n\n3\\. **Make configuration changes specified in the Workarounds and Mitigations section below.** \n \n## Workarounds and Mitigations\n\n** After you upgrade IBM\u00ae SDK Java**** or Oracle Java SE****, you must make the following configuration change, since some components don\u2019t use default ciphers from IBM\u00ae SDK Java**** or Oracle Java SE****. The following table provides instructions on how to make configuration changes. After making the necessary changes, you must stop and restart Sterling B2B Integrator in order for these changes to take effect. **\n\nIf you use:| Then do this: \n---|--- \nCommunications adapters (FTP Client, FTP Server, HTTP Client, HTTP Server)| If you have overridden WeakCipherSuite, StrongCipherSuite, AllCipherSuite and JDKCipherSuite in security.properties or customer_overrides.properties and included a DH or DHE cipher in the list, remove DH or DHE cipher. This applies to all SSL usage in perimeter server. 
\nConnect:Direct Server adapter or Connect:Direct Requester adapter| You should use strong ciphers in the configuration for adapters and services and should not use DH or DHE ciphers. Review all CDSA configurations to verify that DH and DHE are not in use. \n \n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T19:45:26", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T19:45:26", "id": "7762BA199E7FFD449E5A4723DC9451739D2926263A0C78F0B0DB311557955F32", "href": "https://www.ibm.com/support/pages/node/528913", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:53:55", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects DB2 QMF for Workstation. 
\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \nThe TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n * QMF for z/OS Version 11 Release 1, Fix Pack 4 (and lower)\n * QMF Enterprise Edition Version 11 Release 1, Fix Pack 4 (and lower)\n * QMF Enterprise Edition Version 10 Release 1, Fix Pack 11 (and lower)\n\n## Remediation/Fixes\n\n * DB2 QMF for z/OS Version 11 Release 1: \n * install [Java JRE 8.0.1.1 fix from IBM Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2+Query+Management+Facility+for+zOS&release=11.1&platform=All&function=all>)\n * DB2 QMF Enterprise Edition Version 11 Release 1: \n * install [Java JRE 8.0.1.1 fix from IBM Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2+Query+Management+Facility&release=11.1&platform=All&function=all>)\n * DB2 QMF Enterprise Edition Version 10 Release 1: \n * install [Java JRE 6.0.16.5 fix from IBM Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2+Query+Management+Facility&release=10.1&platform=All&function=all>)\n\nYou 
should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n \n\n\n## Workarounds and Mitigations\n\nNone. \n\n**Important note:** IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www.ibm.com/systems/z/solutions/security_subintegrity.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T13:11:16", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects DB2 QMF for Workstation (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T13:11:16", "id": "F1FBE998607B8573193498322E7BE1537F374DA8945BB6FD21F1F411C5CFBE31", "href": "https://www.ibm.com/support/pages/node/528679", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:20", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Tivoli Composite Application Manager for SOA.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Tivoli Composite Application Manager for SOA 7.2\n\n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_ | \n\n_APAR_ | \n\n_Remediation/First Fix_ \n---|---|---|--- \n \nIBM Tivoli Composite Application Manager for SOA | \n\n7.2.0.1 | \n\nIV74202 | \n\n[7.2.0.1-TIV-ITCAMSOA-IF0004](<http://www-01.ibm.com/support/docview.wss?uid=isg400002197>) \n \nThis fix also includes the April Quarterly update. 
For details see here: <http://www-01.ibm.com/support/docview.wss?uid=swg21902710> \n \nFor earlier releases, IBM recommends upgrading to a fixed, supported version of the product. \n \nAs the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be impacted. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:40", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Composite Application Manager for SOA (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:40", "id": "7B6360E6170AE682141272F2B97621DD5EF067C4936470B6CB4CA11B999445C8", "href": "https://www.ibm.com/support/pages/node/529599", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:43", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Datapower Gateways. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \n** \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n\n * CVSS Base Score: 4.3\n * CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score\n * CVSS Environmental Score*: Undefined\n * CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nAll DataPower products and versions that are configured to perform SSL/TLS transactions as a client.\n\n## Remediation/Fixes\n\nFix is available in versions 6.0.0.16, 6.0.1.12, 7.0.0.9, 7.1.0.6, 7.2.0.1. Refer to [APAR IT10061](<http://www-01.ibm.com/support/docview.wss?uid=swg1IT10061>) for URLs to download the fix. \n \nNote that the workaround/mitigation is only required in the affected versions of DataPower. \n \nYou should verify applying this fix does not cause any compatibility issues. 
\n\n_For DataPower customers using version 5.x or older, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nDataPower appliances acting as an SSL server are not vulnerable. \n \nFor appliances acting as an SSL client, and which have not been upgraded to the fixed firmware versions, disable DH ciphers in DataPower. \n \nTo disable the DH ciphers in DataPower, refer to the steps below. \n\n\n 1. Quiesce all domains and services to stop traffic to the appliance. System quiesce and unquiesce commands can be run by navigating to **Administration > Main > System Control**.\n 2. Select **Objects > Crypto Configuration > Crypto Profile** in the left navigation pane. For all the crypto profiles that are configured in the **Configure Crypto Profile** page, suffix the existing **Ciphers** string with the value `:!DH:!kEDH` and click **Apply**.\n \nFor example, if you have a default configuration, the updated string appears as below: \nDefault cipher string: `HIGH:MEDIUM:!aNULL:!eNULL:@STRENGTH` \nDH disabled cipher string: `HIGH:MEDIUM:!aNULL:!eNULL:@STRENGTH:!DH:!kEDH` \n \nNote that DH must be disabled in all the crypto profiles configured in all the domains when used in an SSL client profile. \n \nYou should verify applying this configuration change does not cause any compatibility issues. \n \nNot disabling the DH ciphers will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled DH ciphers and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:11", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Datapower Gateways (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:11", "id": "4D0AFF3232340343E969D4C82C6453E163235BEF49C0404FAB7B374B0049A1D1", "href": "https://www.ibm.com/support/pages/node/528269", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:53:50", "description": "## Summary\n\nTLS connections using Diffie-Hellman (DH) key exchange protocol affects IBM SPSS Data Accesss Pack 7.1.1. This attack has been referred to as \"Logjam\" in various sources. IBM SPSS Data Access Pack is a software component used by IBM SPSS Statistics and IBM SPSS Modeler.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM SPSS Modeler 17 \n\nIBM SPSS Statistics 23\n\n## Remediation/Fixes\n\n \nDownload and apply [SDAP7.1.1-IF4](<http://www-933.ibm.com/support/fixcentral/swg/downloadFixes?parent=SPSS&product=ibm/Information%20Management/SPSS%20Statistics&release=23.0.0.0&platform=All&function=fixId&fixids=7.1.1-IM-S711SDAP-IF004&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) to upgrade IBM SPSS Data Access Pack V. 7.1.1 \n \nNote: You should verify applying this fix does not cause any compatibility issue in your environment. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T13:35:54", "type": "ibm", "title": "Security Bulletin: DH Key Exchange protocol vulnerability (\u201cLogjam\u201d) affects SPSS Data Access Pack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T13:35:54", "id": "5B254DCC99E2209F6FACA83F26101D978763475FE86B1AB6AED13E3CBFF9A572", "href": "https://www.ibm.com/support/pages/node/535293", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:52:06", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Flex System Manager (FSM) SMIA Configuration Tool (also known as Network Advisor).\n\n## Vulnerability Details\n\n**CVE-ID:** 
[CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\n * Flex System Manager 1.1.x.x\n * Flex System Manager 1.2.0.x\n * Flex System Manager 1.2.1.x\n * Flex System Manager 1.3.0.x\n * Flex System Manager 1.3.1.x\n * Flex System Manager 1.3.2.x\n * Flex System Manager 1.3.3.x\n\n## Remediation/Fixes\n\nProduct | VRMF | APAR | SMIA Remediation \n---|---|---|--- \nFlex System Manager | 1.3.3.x | IT10005 | [ fsmfix1.3.3.0_IT10005](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.3.0_IT10005>) \nFlex System Manager | 1.3.2.x | IT10005 | [ fsmfix1.3.2.0_IT10005](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.2.0_IT10005>) \nFlex System Manager | 1.3.1.x | IT10005 | [ fsmfix1.3.1.0_IT10005](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2Fsystemx%2F8731&fixids=fsmfix1.3.1.0_IT10005>) \nFlex System Manager | 1.3.0.x | IT10005 | Upgrade to FSM 1.3.3.0 and follow the appropriate remediation for all vulnerabilities, or contact IBM Support and refer to this APAR to obtain a limited availability FSM SMIA fix for version 1.3.0.x. 
\nFlex System Manager | 1.2.x.x | IT10005 | IBM is no longer providing code updates for this release, upgrade to FSM 1.3.3.0 and follow the appropriate remediation for all vulnerabilities. \nFlex System Manager | 1.1.x.x | IT10005 | Effective April 30, 2015, IBM has discontinued service for these version/release/modification/fix levels. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone.\n\n## Reference\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n26 June 2015: Original Copy Published \n29 July 2015: Updated APAR and SMIA Remediation locations\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "C4E218A5F52DE1B9AF1E52707DFA1604E9A662C6C98C3B20A4570D025945B423", "href": 
"https://www.ibm.com/support/pages/node/867484", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:44:05", "description": "## Summary\n\nA port used by Operations Center is reported to be vulnerable to Logjam (CVE-2015-4000).\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Spectrum Protect Operations Center affected levels are 8.1.3 through 8.1.7. 
Note that 7.1 is not affected.\n\n## Remediation/Fixes\n\n_**IBM Spectrum Protect Operations Center Release**_ | _**First Fixing VRM Level**_ | _**APAR**_ | _**Platform**_ | _**Link to Fix**_ \n---|---|---|---|--- \n8.1 | 8.1.8 | IT30213 | AIX, Linux, Windows | <https://www.ibm.com/support/docview.wss?uid=ibm10888465> \n \n## Workarounds and Mitigations\n\nIBM Spectrum Protect Operations Center 8.1.3 through 8.1.7 can add the following statements to the Java security file (/opt/tivoli/tsm/jre/lib/security/java.security) to eliminate exposure to this vulnerability: \n\n \n`jdk.certpath.disabledAlgorithms=MD2,MD5,SHA1 usage TLSServer TLSClient SignedJAR, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 256, DSS`\n\n`jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, DH keySize < 2048, EC keySize < 256, DSS, 3DES_EDE_CBC, DES, DESede, RC4, MD5, SHA1, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, anon, NULL, GCM`\n\n`jdk.tls.ephemeralDHKeySize=2048`\n\n \n`jdk.tls.rejectClientInitiatedRenegotiation=true`\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-09-11T01:07:40", "type": "ibm", "title": "Security Bulletin: Spectrum Protect Operations Center vulnerable to Logjam (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": 
"NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-09-11T01:07:40", "id": "57C16E3BD2286320928A05596A968D22220B643925F26C41E1EC7F23BC8C4E85", "href": "https://www.ibm.com/support/pages/node/1073000", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-09-16T22:03:03", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects TS3100/TS3200.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nVersions below C.80.\n\n## Remediation/Fixes\n\nUpgrade to version C.80 or later. \n \nAs the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. 
Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-03-25T00:48:46", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS3100/TS3200 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2023-03-25T00:48:46", "id": "338304DCD8CF4EC836318AF17BD1C0C6B40E0F07321A15BBDC23429C37312D7C", "href": "https://www.ibm.com/support/pages/node/690643", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, 
{"lastseen": "2023-06-24T05:59:48", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition. The IBM HTTP Server used by WebSphere Application Server is not affected. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe following IBM WebSphere Application Server Versions may be affected: \n\n * Version 8.5 and 8.5.5 Full Profile and Liberty Profile\n * Version 8\n * Version 7\n * Version 6.1\n\n## Remediation/Fixes\n\n**_For IBM WebSphere Application Server and IBM WebSphere Application Server Hypervisor Edition_** **:** \n \nYou should apply the correct Interim Fix as noted below for your version of the IBM SDK Java Technology Edition. You will also need to update your java.security file to add \n\n`jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768`\n\n \n \nAdding this line to the java.security file will disable features exploited by Poodle, RC4 (Bar Mitzvah), and logjam vulnerabilities. 
\nThe IBM Java SDK already has SSLv3 disabled by default, and the WebSphere Application Server default configuration does not include any RC4 ciphers. As such, adding SSLv3 and RC4 to jdk.tls.disabledAlgorithms= is redundant, but it is consistent with what is required for a stand-alone JDK. The java.security file must be updated on the client side with the DH keySize entry so that it is not vulnerable to the Logjam attack. The `DH keySize < 768` entry means that the client will only accept DH keys greater than or equal to 768 bits. \n\nAPAR IV73934 - includes the fix for CVE-2015-4000 for IBM SDK, Java Technology Edition, Versions 6, 7 and 8 \nAPAR IV73962 - includes the fix for CVE-2015-4000 for IBM SDK, Java 2 Technology Edition Version 5\n\nDownload and apply the interim fix APARs below for your appropriate release.\n\n**For V8.5.0.0 through 8.5.5.6 Liberty Profile:**\n\nUpgrade to WebSphere Application Server Liberty Profile Fix Pack 8.5.5.1 or later, then apply one of the interim fixes below:\n\n * Apply Interim Fix [PI42781](<http://www-01.ibm.com/support/docview.wss?uid=swg24040148>): Will upgrade you to IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 (required) +IX90162+IV73188+IV73636+IV73934\n * Apply Interim Fix 
[PI42775](<http://www-01.ibm.com/support/docview.wss?uid=swg24040156>): Will upgrade you to IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 (optional) +IX90162+IV73188+IV73636+IV73934\n * Apply Interim Fix 
[PI42774](<http://www-01.ibm.com/support/docview.wss?uid=swg24040157>): Will upgrade you to IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 (optional) +IX90162+IV73188+IV73636+IV73934\n * Apply Interim Fix [PI42733](<http://www-01.ibm.com/support/docview.wss?uid=swg24040158>): Will upgrade you to IBM SDK, Java Technology Edition, Version 8 Service Refresh 1 (optional) +IX90162+IV73188+IV73636+IV73934\n**\\--OR--**\n\n * Apply IBM Java SDK shipped with WebSphere Application 
Server Fix Pack 7 (8.5.5.7) or later.\n \n**For V8.5.0.0 through 8.5.5.6 Full Profile:**\n\nUpgrade to WebSphere Application Server Full Profile Fix Pack 8.5.5.1 or later, then apply one of the interim fixes below:\n\n * Apply Interim Fix [PI42776](<http://www-01.ibm.com/support/docview.wss?uid=swg24040154>): Will upgrade you to IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 4 (required) +IX90162 +IV73188 +IV73636 +IV73934\n * Apply Interim Fix [PI42775](<http://www-01.ibm.com/support/docview.wss?uid=swg24040156>): 
Will upgrade you to IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 (optional) +IX90162+IV73188+IV73636+IV73934\n * Apply Interim Fix 
[PI42774](<http://www-01.ibm.com/support/docview.wss?uid=swg24040157>): Will upgrade you to IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 (optional) +IX90162+IV73188+IV73636+IV73934\n**\\--OR--**\n\n * Apply IBM Java SDK shipped with the WebSphere Application Server Fix Pack 7 (8.5.5.7) or later.\n \n \n**For V8.0.0.0 through 8.0.0.10:**\n\nUpgrade to WebSphere Application Server Fix Pack 8.0.0.7 or later, then apply the interim fix below:\n\n * Apply Interim Fix [PI42777](<http://www-01.ibm.com/support/docview.wss?uid=swg24040159>): Will 
upgrade you to IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 4 +IX90162+IV73188+IV73934\n**\\--OR--**\n\n * Apply IBM Java SDK shipped with WebSphere Application Server Fix Pack 11 (8.0.0.11) or later.\n \n**For V7.0.0.0 through 7.0.0.37:**\n\nUpgrade to WebSphere Application Server Fix Pack 7.0.0.31 or later, then apply the interim fix below:\n\n * Apply Interim Fix [PI42778](<http://www-01.ibm.com/support/docview.wss?uid=swg24040145>): Will upgrade you to IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 4 +IX90162+IV73934\n**\\--OR--**\n\n * Apply IBM Java SDK shipped with WebSphere Application Server Fix Pack 39 (7.0.0.39) or later.\n \n**For V6.1.0.0 through 6.1.0.47:**\n\nUpgrade to WebSphere Application Server Fix Pack 6.1.0.47\n\n * Then apply Interim Fix PI42779: Will upgrade you to IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 11 
(which includes IV73962)\n \n \n**NOTE:** As the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Please carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise, system availability may be affected. \n \nAfter you have applied the correct Interim Fix for your version of the IBM SDK, Java Technology Edition, you will also need to update your java.security file to add \n\n`jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768`\n\n \nAdding this line to the java.security file will disable the features exploited by the POODLE, RC4 (Bar Mitzvah), and Logjam vulnerabilities. \nThe IBM Java SDK already has SSLv3 disabled by default, and the WebSphere Application Server default configuration does not include any RC4 ciphers. As such, adding SSLv3 and RC4 to jdk.tls.disabledAlgorithms= is redundant, but it is consistent with what is required for a stand-alone JDK. The java.security file must be updated on the client side with the DH keySize entry so that it is not vulnerable to the Logjam attack. The `DH keySize < 768` entry means that the client will only accept DH keys greater than or equal to 768 bits. \n \n \n**_For IBM WebSphere Application Server for i5/OS operating systems:_** \n \nThe IBM Developer Kit for Java is prerequisite software for WebSphere Application Server for IBM i. Please refer to [_Java on IBM i_](<https://www.ibm.com/support/pages/java-ibm-i>) for updates on when these fixes will be available. \n\n\n## Workarounds and Mitigations\n\nThe Logjam attack, which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol, may affect some configurations in WebSphere Application Server. \nWebSphere Application Server has DH and DHE ciphers included in the \"STRONG\" or \"HIGH\", \"MEDIUM\" and \"LOW\" cipher lists. They could also be present if you have a \"CUSTOM\" list of ciphers. 
You will need to remove any of the ciphers that begin with SSL_* or TLS_* and also have DH or DHE in the name from your WebSphere Application Server SSL configuration. This does NOT include ciphers that have ECDH or ECDHE in the name; these are elliptic curve Diffie-Hellman ciphers and they are not affected. \n \n**For Full profile:**\n\n * You can change the settings from the administrative console page: click **Security > SSL certificate and key management**. Under Configuration settings, click **Manage endpoint security configurations > {Inbound | Outbound} > _ssl_configuration_**. Under Related items, click **SSL configurations**. Click on {_SSL_configuration_name_}. Under **Additional Properties**, click **Quality of protection (QoP) settings**.\n   * For more information on the Quality of Protection settings, refer to the Knowledge Center: <http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/usec_sslqualprotect.html?lang=en>\n \nOR \n\n * You can use the ModifySSLConfig command of the SSLConfigCommands group in the AdminTask object\n   * For more information on the ModifySSLConfig command, refer to the Knowledge Center: <http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/rxml_atsslconfig.html?lang=en>\n \n**For Liberty profile:**\n\n * Update the SSL configuration in server.xml to create a custom list of ciphers with the enabledCiphers attribute\n   * For more information on the enabledCiphers attribute, refer to the SSL Configuration: <https://www.ibm.com/docs/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/rwlp_ssl.html> and SSL Repertoire: <https://www.ibm.com/docs/SSAW57_liberty/com.ibm.websphere.liberty.autogen.nd.doc/ae/rwlp_config_ssl.html>\n   * For more information on the IBM SDK Java 
Technology Edition ciphers that are supported, please refer to: <https://www.ibm.com/docs/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jsse2Docs/ciphersuites.html>\n   * For more information on the Oracle Java SE ciphers that are supported, please refer to: <http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html>\n \nOutbound connections from WebSphere Application Server are impacted, but inbound connections are not. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. Leaving the DH or DHE ciphers enabled will expose you to the Logjam attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-09-08T00:09:56", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-09-08T00:09:56", "id": "071B3ECF88492CB6DA63393D64D3FB74AB0EB97331D3FB675F3ED64F4D1398E2", "href": "https://www.ibm.com/support/pages/node/527817", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:49", "description": "## Summary\n\nIBM Cloud Manager with OpenStack is vulnerable to the Logjam vulnerability; attackers could exploit it to obtain sensitive information.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Cloud Manager with OpenStack 4.1.0 through 4.1.0.4 \nIBM Cloud Manager with OpenStack 4.2.0 through 4.2.0.3 \nIBM Cloud Manager with OpenStack 4.3.0 through 4.3.0.3\n\n## Remediation/Fixes\n\nProduct\n\n| VRMF| APAR| Remediation/First Fix \n---|---|---|--- \nIBM Cloud Manager with Openstack| 4.3.0| None| IBM Cloud Manager with Openstack 4.3 interim fix 1 for fix pack 3: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.3.0.3-IBM-CMWO-IF001&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.3.0.3-IBM-CMWO-IF001&includeSupersedes=0>) \nIBM Cloud Manager with Openstack| 4.2.0| None| IBM Cloud Manager with Openstack 4.2 interim fix 1 for fix pack 3: \n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.2.0.3-IBM-CMWO-IF001&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.2.0.3-IBM-CMWO-IF001&includeSupersedes=0>) \nIBM Cloud Manager with Openstack| 4.1.0| None| IBM Cloud Manager with Openstack 4.1 interim fix 5 for fix pack 4: 
\n[http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.1.0.4-IBM-CMWO-IF005&includeSupersedes=0](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%3FOther%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=All&platform=All&function=fixId&fixids=4.1.0.4-IBM-CMWO-IF005&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\n * For the OpenStack Dashboard: \n * Edit the OpenStack Dashboard Apache Httpd configuration file, /etc/httpd/sites-enabled/openstack-dashboard.conf, and disable the DH or DHE ciphers by adding the following line after the \"SSLProtocol\" option: SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!EDH\n \nFor the Self Service portal user interface: \n\n * Edit the Self-Service portal JRE security configuration file, /opt/ibm/$SCE_version/jre/lib/security/java.security, and disable the DH ciphers with key size less than 768 by changing: jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768\n * For ICM 4.3 release and above, you also need to configure the Self Service Portal user interface Apache Httpd configuration file /etc/httpd/sites-enabled/ibm-self-service-ui.conf, and disable the DH or DHE ciphers by adding the following line after the \"SSLProtocol\" option: SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!EDH\n * You should verify that applying this configuration change does not cause any compatibility issues. Not disabling the DH or DHE ciphers with key size < 768 will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have not disabled the DH or DHE ciphers with key size < 768 and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-08-08T04:13:55", "type": "ibm", "title": "Security Bulletin: Logjam\nvulnerability affect IBM Cloud Manager with Openstack (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-08-08T04:13:55", "id": "B1DB72C0367C124FCB0F38FE4461054D946F67EFA306FEAECDAE4FD6E06D95E6", "href": "https://www.ibm.com/support/pages/node/681381", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:43:00", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM i.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. 
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nReleases V5R3, V5R4, 6.1, 7.1 and 7.2 of IBM i are affected. \n\n## Remediation/Fixes\n\nThe issue can be fixed by applying a PTF to the IBM i Operating System. \n \nReleases 6.1, 7.1 and 7.2 of IBM i are supported and will be fixed. Releases V5R3 and V5R4 are unsupported and will not be fixed. \n \n**The IBM i OS PTF numbers are:** \n \n**Release 6.1 \u2013 SI57527** \n**Release 7.1 \u2013 SI57473** \n**Release 7.2 \u2013 SI57468** \n \n**PTFs for IBM i Java** \n \n**Java60** \n**\\-----------------------** \n**6.1 and 7.1** \n \n**32bit: SI57243** \n**64bit: SI57246** \n \n**7.2** \n**32bit: SI57244** \n**64bit: SI57245** \n \n**Java626** \n**\\-----------------------** \n**6.1 and 7.1** \n**32bit: SI57250** \n**64bit: SI57247** \n \n**7.2** \n**32bit: SI57248** \n**64bit: SI57249** \n \n**Java70** \n**\\-----------------------** \n**6.1 and 7.1** \n**32bit: SI57278 SI57277** \n**64bit: SI57279 SI57280** \n \n**7.2** \n**32bit: SI57281** \n**64bit: SI57282** \n \n**Java 71** \n**\\-----------------------** \n**7.1** \n**32bit: SI57291** \n**64bit: SI57293** \n \n**7.2** \n**32bit: SI57292** \n**64bit: SI57294** \n \n**Java80** \n**\\-----------------------** \n**7.1** \n**32bit: SI57296** \n**64bit: SI57298** \n \n**7.2** \n**32bit: SI57297** \n**64bit: SI57299** \n \nFor CVE-2015-4000: As the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. 
Please test carefully and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be impacted. \n \nFor CVE-2015-4000: You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n \n**_Important note:_** _IBM recommends that all users running unsupported versions of affected products upgrade to a supported and fixed version of the affected products._\n\n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-12-18T14:26:38", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM i (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-12-18T14:26:38", "id": 
"83FA7A19C477B3CD7F62A6093A5E7FBA59DD3F7E01AC5792ED206BB8B735873D", "href": "https://www.ibm.com/support/pages/node/666357", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:38:35", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Sterling Connect:Direct Browser.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \n**CVSS:** \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Sterling Connect:Direct Browser 1.4.0 through 1.4.11 \nIBM Sterling Connect:Direct Browser 1.5.0 through 1.5.02 iFix10 \n\n## Remediation/Fixes\n\nNone.\n\n## Workarounds and Mitigations\n\nDisabling DH and DHE ciphersuites. This can be achieved by adding the DH and DHE cipher suites to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in java.security file: \n \n<connect_direct_browser_install>\\jre\\\\\\lib\\security\\java.security \n \njdk.tls.disabledAlgorithms=SSLv3, RC4, DH, DHE \n \nAdding this line to the java.security file will disable features exploited by Poodle, RC4 (Bar Mitzvah), and logjam vulnerabilities. 
\n \nYou should verify applying this configuration change does not cause any compatibility issues. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-07-24T22:49:37", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Sterling Connect:Direct Browser (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-07-24T22:49:37", "id": "412A23698346485ED0CCEA67B67B235B702886E4DF8B7C006C90674AF9BC802B", "href": "https://www.ibm.com/support/pages/node/531027", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:40:18", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Netezza PureData System for Analytics.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Netezza Support Tools 2.0.0.1 and prior releases\n\n## Remediation/Fixes\n\nIBM Netezza FDT Support Tools\n\n| _2.0.0.2_| [Link to Fix Central](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/Netezza+Tools&release=FDTSUPPORT_2.0.0&platform=Linux&function=fixId&fixids=2.0.0.2-IM-Netezza-FDTSUPPTOOLS-fp107146&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n---|---|--- \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-10-18T03:10:29", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Netezza PureData System for Analytics (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-10-18T03:10:29", "id": "C3BF05E5C399383B3AFDD2C7B925A53988C3B7DF9A617456733297F5F136F085", "href": "https://www.ibm.com/support/pages/node/538863", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-11T23:50:42", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of Tivoli Netcool Impact . Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. \n \nFor Tivoli Netcool/Impact version 7.1.0 the shipped archive version of Websphere Liberty Profile does not provide updated Java SDKs, which will be required for the fix. 
Fix Pack 7.1.0-TIV-NCI-FP0003 will provide the updated Java SDK instead, for Tivoli Netcool/Impact version 7.1.0. \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n \n\n\n_Principal Product and Version(s)_| _Affected Supporting Product and Version_ \n---|--- \nTivoli Impact/Netcool 7.1.0| WebSphere Liberty Profile 8.5.5 \nTivoli Impact/Netcool 6.1.x| WebSphere 7.0 \nTivoli Impact/Netcool 5.1.x| WebSphere 6.1 \n \n## Remediation/Fixes\n\n \n_Principal Product and Version(s)_| _Affected Supporting Product and Version_ \n---|--- \nTivoli Impact/Netcool 7.1.0| WebSphere Liberty Profile 8.5.5 \n \nFix will be available bundled with 7.1.0-TIV-NCI-FP0003. 
\n \n<http://www.ibm.com/support/docview.wss?uid=swg24040149> \nTivoli Impact/Netcool 6.1.x| WebSphere 7.0 \n \nUpgrade to WebSphere Application Server Fix Pack 7.0.0.31 or later, then apply the interim fix below: \n\n * Apply Interim Fix [_PI42778_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040145>): this will upgrade you to IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 4 +IX90162+IV73934\n \nSee the WebSphere Application Server Security Bulletin for more details: <http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \nTivoli Impact/Netcool 5.1.x| WebSphere 6.1 \n \nUpgrade to WebSphere Application Server Fix Pack 6.1.0.47 \n\n * Then apply Interim Fix [_PI42779_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040182>): this will upgrade you to IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 11 (which includes IV73962)\n \nSee the WebSphere Application Server Security Bulletin for more details: 
<http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \n \n## Workarounds and Mitigations\n\n \nFor Tivoli Impact/Netcool version 5.1.x and 6.1.x, refer to the \"Full Profile\" portion in the \"Workarounds and Mitigation\" section of the \n \nFor Tivoli Impact/Netcool version 7.1.0 refer to the \"Liberty Profile\" portion in the \"Workarounds and Mitigation\" section of the WebSphere Application Server Security Bulletin: <http://www-01.ibm.com/support/docview.wss?uid=swg21957980>\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](<http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v2](<http://nvd.nist.gov/CVSS-v2-Calculator> \"Link resides outside of ibm.com\" )\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nReported to IBM by The WeakDH team at https://weakdh.org \n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n[{\"Product\":{\"code\":\"SSSHYH\",\"label\":\"Tivoli Netcool\\/Impact\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Component\":\"Netcool\\/Impact\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF002\",\"label\":\"AIX\"}],\"Version\":\"5.1;5.1.1;6.1;6.1.1;7.1.0\",\"Edition\":\"All Editions\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.7, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:28", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Websphere Application Server shipped with Tivoli Netcool/Impact. 
(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:28", "id": "3C37A4D590FB68C9A8E04A39047280D96920D7DC8C3F53505F4CE6EE9ED89688", "href": "https://www.ibm.com/support/pages/node/529283", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:52:10", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Tivoli Access Manager for e-business versions 6.0, 6.1, 6.1.1 \nIBM Security Access Manager for Web version 7.0 software \nIBM Security Access Manager for Web version 7.0 appliance, all firmware versions \nIBM Security Access Manager for Web version 8.0 appliance, all firmware versions \n\n## Remediation/Fixes\n\nThe table below provides links to patches for all affected IBM Security Access Manager for Web appliance versions. Follow the installation instructions in the README file included with the patch. \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Security Access Manager for Web \n_(appliance-based)_| _7.0.0.0 - \n7.0.0.15_| IV75309| Apply the 7.0.0.16 interim fix:_ \n_[_7.0.0-ISS-WGA-IF0016_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \nIBM Security Access Manager for Web| _8.0.0.1 - \n8.0.1.3_| IV75304| Upgrade to the 8.0.1.3 interim fix: \n[_8.0.1.3-ISS-WGA-IF0001_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=8.0&platform=Linux&function=all>) \n \nThe table below describes the remediation for all affected IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web** **software versions. 
\n \n**Product**| **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nIBM Tivoli Access Manager for e-business | _6.0_| IV75107| 1) Apply the 6.0.0.40 interim fix: \n[6.0.0-ISS-TAM-IF0040](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.0.0&platform=All&function=all>) \n2) Upgrade the WebSphere Application Server installations in your environment as described in this bulletin: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \nIBM Tivoli Access Manager for e-business | _6.1_| IV75107| 1) Apply the 6.1.0.21 interim fix: \n[6.1.0-ISS-TAM-IF0021](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.0&platform=All&function=all>) \n2) Upgrade the WebSphere Application Server installations in your environment as described in this bulletin: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \nIBM Tivoli Access Manager for e-business | _6.1.1_| IV75309| 1) Apply the 6.1.1.20 interim fix: \n[6.1.1-ISS-TAM-IF0020](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=6.1.1&platform=All&function=all>) \n2) Upgrade the WebSphere Application Server installations in your environment as described in this bulletin: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \nIBM Security Access Manager for Web \n_(software-installation)_| _7.0.0.0 -_ \n_7.0.0.15_| IV75309| 1) Apply the 7.0.0.16 interim fix: \n[7.0.0-ISS-SAM-IF0016](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=7.0.0&platform=All&function=all>) \n2) Upgrade the WebSphere Application Server installations in your environment as described in this bulletin: 
\n<http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \n \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n \n_For __IBM Tivoli Access Manager 5.1, __IBM recommends upgrading to a fixed, supported release of the product._\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T21:25:51", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T21:25:51", "id": "03F6BE239E8BF6FDDA6BA3CD245A4F46A3FB8182F139BA77C08E9CD4C4A33FEE", "href": "https://www.ibm.com/support/pages/node/532371", "cvss": 
{"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:44", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nFor vulnerability details, see the security bulletin [**_Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)_**](<http://www.ibm.com/support/docview.wss?uid=swg21957980>)**.**\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version(s) \n---|--- \nWebSphere Remote Server \nV6.2, 6.2.1, 7.0, 7.1, 7.1.1, 7.1.2, 8.5| WebSphere Application Server \nV6.1, 7.0, 8.0, 8.5, 8.5.5 \n \n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:10", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:10", "id": "EED70DAEC5A3F44677119009339AC1CBA0D09F4A1FB885C248E75518AAE762AC", "href": "https://www.ibm.com/support/pages/node/528085", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-25T01:33:48", "description": "## ", "cvss3": {}, "published": "2023-03-25T00:44:29", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS3100/TS3200 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2023-03-25T00:44:29", "id": "ECEDCC21226E7AABE0C2F6E4A0B1F49C6E563703F477B53AC27B9E48E4049266", "href": "https://www.ibm.com/support/pages/node/818932", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:38:50", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Infosphere BigInsights. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM InfoSphere BigInsights 1.1.0, 1.2.0, 1.3.0,1.4.0, 2.0, 2.1, 2.1.2, 3.0, 3.0.0.1, 3.0.0.2, 4.0 \n\n## Remediation/Fixes\n\nUpdate JVM as a fix for all affected releases of BigInsights.\n\n## Workarounds and Mitigations\n\n**For BI 3.x or earlier**\n\n 1. Upgrade to a Java version that corrects the vulnerability\n \nTo obtain a fix pack, go to <http://www.ibm.com/developerworks/java/jdk/linux/download.html> and download an updated edition of Java for Linux, **Platform: **64-bit AMD/Opteron/EM64T \n\nBigInsights products use:\n\n \n**Java SE Version 7 for BI 3.x**\n * IBM SDK, Java Technology Edition, Version 7, Release 1, Service Refresh 3, Fix Pack 1 \n * IBM SDK, Java Technology Edition, Version 7, Service Refresh 9, Fix Pack 1 \n * **Java SE Version 6 for BI versions earlier than 3.x**\n * IBM SDK, Java Technology Edition, Version 6.0.1 (J9 VM2.6), Service Refresh 8, Fix Pack 5 \n * IBM SDK, Java Technology Edition, Version 6, Service Refresh 16, Fix Pack 5 \n \n2\\. To confirm that vulnerability does not exist \n \nAfter updating the Java version \n\n 1. Enable https and configure with self created certificate\n 2. Using Firefox 38.0.1. ESR or later, you will _not_ see an error similar to the attachment: check_if_vulnerable.png\n \n\n\n**For BI 4.0**\n\n \n \n**Knox**\n\n 1. Upgrade to openjdk java version \"1.7.0_79\" (critical security upgrade)\n * yum install java-1.7.0-openjdk-devel java-1.7.0-openjdk \n2\\. Modify /etc/ambari-server/conf/ambari.properties for ambari to pick up openjdk-1.7.0.79 \n * java.home=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.79.x86_64\n3\\. Stop Knox server from Ambari \n4\\. 
Backup your script, /usr/iop/current/knox-server/bin/gateway.sh \n5\\. Update /usr/iop/current/knox-server/bin/gateway.sh with \"gateway.sh\" gateway.sh \n6\\. Re-start Knox server from Ambari \n \n \n**Ambari** \nIf only using ambari-server setup-security to set SSL self signed (non CA certificate), follow these steps: \n\n 1. From Ambari server node command line, run: \"ambari-server stop\"\n 2. Backup your script, /var/lib/ambari-agent/ambari-env.sh\n 3. Upgrade to openjdk java version \"1.7.0_79\" (critical security upgrade)\n 4. Update /var/lib/ambari-agent/ambari-env.sh with \"ambari-env.sh\" ambari-env.sh\n 5. Start Ambari server, run: \"ambari-server start\"\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-07-18T23:22:56", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM Infosphere BigInsights (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-07-18T23:22:56", "id": "B84C78D03D986BF322F4DAA6A582BF37937165F4BFD024C3BA31CB8D635DDAEA", "href": 
"https://www.ibm.com/support/pages/node/531641", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:52:55", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM B2B Advanced Communications.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \n \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n\n**CVSS:** \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Multi-Enterprise Integration Gateway 1.0 - 1.0.0.1 \nIBM B2B Advanced Communications 1.0.0.2 - 1.0.0.3\n\n## Remediation/Fixes\n\nThe recommended solution is to upgrade to the current release as soon as practical. Please see below for information about the fixes available. 
\n \n\n\n**_Fix_**| **_VRMF_**| **_APAR_**| **_How to acquire fix_** \n---|---|---|--- \nInterim Fix 1.0.0.3_1| 1.0.0.3| IT09245| IBM Fix Central > [](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.1&platform=All&function=fixId&fixids=IBM_Multi-Enterprise_Integration_Gateway_V1.0.0.1_3_iFix_Media&includeSupersedes=0>)[B2B_Advanced_Communications_V1.0.0.3_1_iFix_Media](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.3&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.3_1_iFix_Media&includeSupersedes=0>) \n \n## Workarounds and Mitigations\n\nIf you are not applying the fix, follow these steps to mitigate vulnerability: \n \nTo mitigate the risk exposed by the Logjam vulnerability, update the java.security parameter in the IBM SDK Java\u2122 Technology Edition Version 7 security property file for each of your B2B Advanced Communication installations. The following instructions assume you have rights to access and edit the property file. \n \n**Procedure**: Perform the following steps for each B2B Advanced Communication installation: \n \n1) Open the security property file <installation_root>/java/jre/lib/security/java.security in a text editor \n \n2) Find the following property: \n\n\njdk.tls.disabledAlgorithms \n3) Add the following algorithms to be disabled to the property: \n\n\nDH, DHE \nFor example, if the property currently appears as follows: \n\n\njdk.tls.disabledAlgorithms=SSLv3, RC4 \nAfter adding the Diffie-Hellman algorithms to be disabled, it should read: \n\n\njdk.tls.disabledAlgorithms=SSLv3, RC4, DH, DHE \n \n4) Save and close the property file. \n \n5) For the changes to take effect, stop and then start all members. \n \nYou should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T19:45:30", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM B2B Advanced Communications (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T19:45:30", "id": "60D49292EE23D6C413E43502DFDA4A984EF74A28EC05D5B3E28648D57811BF6B", "href": "https://www.ibm.com/support/pages/node/529087", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:51:08", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile that is shipped as a component of WebSphere Business Compass. 
The IBM HTTP Server used by WebSphere Application Server is not affected. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nWebSphere Business Compass V7.0.0.4.\n\n## Remediation/Fixes\n\nConsult the security bulletin** **[**_Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)_**](<http://www.ibm.com/support/docview.wss?uid=swg21957980>) for vulnerability details and information about fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-23T04:04:04", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Business Compass (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-23T04:04:04", "id": "632EC1479A8EF271A3EE2F0C95E8810361710809923C795C43A3480F642DBB45", "href": "https://www.ibm.com/support/pages/node/710493", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-24T05:46:43", "description": "## Abstract\n\nSecurity Bulletin: Vulnerability in Diffie-Hellman ciphers affects FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-4000)\n\n## Body\n\nIBM has provided fix packs for FileNet Content Manager, IBM Content Foundation and FileNet Business Process Manager products to address vulnerabilities in the Diffie-Hellman ciphers. 
See the following Security Bulletin: Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-4000)\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSNVNV\",\"label\":\"FileNet Content Manager\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}] \n\n## UID\n\nibm11280464", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-01-27T13:21:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-01-27T13:21:12", "id": "69E648231E4EAEC238E7B890A4F1D9D216A2D891B07882A95FBBE3C79E1EEED3", "href": "https://www.ibm.com/support/pages/node/1280464", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2023-06-24T06:10:02", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected.\n\n## Vulnerability Details\n\n**CVEID**: [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION**: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n \nThe following IBM Intelligence Analysis Platform version may be affected: Version 3.0.9 \n\n * IBM Counter Fraud Management 1.5.0.5 supports IAP Version 3.0.9. \n * IBM Counter Fraud Management 2.0.0.0 supports IAP Version 3.0.9. \n\n\n## Remediation/Fixes\n\nYou should apply the correct Interim Fix as noted below for the IBM SDK Java Technology Edition. You will also need to update your java.security file to add: \n \n`jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize <768` \n \nAdding this line to the java.security file will disable features exploited by Poodle, RC4 (Bar Mitzvah), and logjam vulnerabilities. \n \nThe java.security file must be updated on the client side with the DH keySize so that it is not vulnerable to the logjam attack. 
Although WebSphere Application Server has disabled these ciphers and protocols by default, having RC4 and SSLv3 disabled in the java.security file is good practice since it will stop any attempt at using these. \n \nFor V3.0.9 Windows \nApply the following fix: \n\n * [IBM i2 Intelligence Analysis Platform 3.0.9 Fix Pack 1 Windows Download](<http://www-01.ibm.com/support/docview.wss?uid=swg24040326>)\n \nFor V3.0.9 Linux \nApply the following fix: \n\n * [IBM i2 Intelligence Analysis Platform 3.0.9 Fix Pack 1 Linux Download](<http://www-01.ibm.com/support/docview.wss?uid=swg24040328>)\n\n## Workarounds and Mitigations\n\nThe Logjam attack which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol may affect some configurations in WebSphere Application Server. \n \nRefer to the 'Workarounds and Mitigations' section of the IBM WebSphere Application Server security bulletin for full details of available workarounds and mitigations: \n<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-28T16:10:36", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-01-28T16:10:36", "id": "561CEC1045BBBD68C46C295237A02CBBD538F6877212896605834C5043950E47", "href": "https://www.ibm.com/support/pages/node/268539", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:08", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM MessageSight.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)\n\n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. 
This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3\n\n \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM MessageSight 1.2 and earlier\n\n## Remediation/Fixes\n\n_Product_\n\n| \n_VRMF_| \n_APAR_| \n_Remediation/First Fix_ \n---|---|---|--- \n \n_IBM MessageSight_| \n_1.2_| \n_IT09765_| [_1.2.0.1-IBM-IMA-Physical-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-Physical-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-VirtualEdition-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-VirtualEdition-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-SoftLayerVirtual-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-SoftLayerVirtual-IT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n[_1.2.0.1-IBM-IMA-BareMetal-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.2.0.1-IBM-IMA-BareMetal-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n \n_IBM MessageSight_| \n_1.1_| \n_IT09765_| 
[_1.1.0.1-IBM-IMA-IFIT09765_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EOther%2Bsoftware&product=ibm/Other+software/MessageSight&release=All&platform=All&function=fixId&fixids=1.1.0.1-IBM-IMA-IFIT09765&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc>) \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:12:15", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM MessageSight (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:12:15", "id": 
"54B24FB930A5B52A3EE2BE0710A1197AA5E07DB7049A776A73BD917EC40981E0", "href": "https://www.ibm.com/support/pages/node/530179", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:49:08", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Rational RequisitePro.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Rational RequisitePro, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 7.1.3.x, 7.1.4.x, in the following components: \n\n\n * Customer defined uses of SSL from ratlperl scripts. \n\n## Remediation/Fixes\n\nAll fixes listed below require the latest published fix pack before applying the rest of the fix. 
\n \n\n\n**Affected Versions**\n\n| \n\n** Prerequisite before applying the fix** \n \n---|--- \n \n7.1.4 through 7.1.4.7\n\n| Install [Rational RequisitePro Fix Pack 8 (7.1.4.8) for 7.1.4](<http://www-01.ibm.com/support/docview.wss?uid=swg24040133>) \n \n7.1.3 through 7.1.3.14\n\n| Install [Rational RequisitePro Fix Pack 15 (7.1.3.15) for 7.1.3](<http://www-01.ibm.com/support/docview.wss?uid=swg24040132>) \n \n7.1.2.x (all fix packs) \n7.1.1.x (all fix packs) \n7.1.0.x (all fix packs)\n\n| Install [Rational RequisitePro Fix Pack 18 (7.1.2.18) for 7.1.2](<http://www-01.ibm.com/support/docview.wss?uid=swg24040131>). **Note: **7.1.2.18 interoperates with all 7.1.x.x systems, and can be installed in the same way as 7.1.x.x fix packs. \n \nThe solution is to update to the fix pack listed above, then contact Rational Customer Support for a test fix with additional fixes for this issue. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T05:03:30", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational RequisitePro (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T05:03:30", "id": "5B1C8DFECC490501CCEC802D5035F91EA703BC6739953AA8A6A82F8771D1E1C2", "href": "https://www.ibm.com/support/pages/node/529943", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:32", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM OS Image for Red Hat Linux Systems 3.0.0.0 and earlier. \nIBM OS Image for AIX Systems 2.1.1.0 and earlier.\n\n## Remediation/Fixes\n\nVirtual machines deployed from IBM PureApplication Systems are affected. This includes RedHat Linux, AIX-based, and Windows-based deployments. The solution is to apply the following IBM PureApplication System fix to the deployed virtual machines. \n \nJava Updates: \n[_http://www.ibm.com/support/fixcentral/swg/quickorder?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=Java_Update_AIX_CVE-2015-4000,Java_Update_Windows_CVE-2015-4000,Java_Update_Linux_CVE-2015-4000&includeSupersedes=0&source=fc_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=All&platform=All&function=fixId&fixids=Java_Update_AIX_CVE-2015-4000,Java_Update_Windows_CVE-2015-4000,Java_Update_Linux_CVE-2015-4000&includeSupersedes=0&source=fc>)__ __ \n \n \n1\\. Import the fix into the Emergency Fix catalogue. \n2\\. For deployed instances, apply this emergency fix on the VM. \n3\\. Restart the deployed instance after the fix is applied. \n \nYou should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:30", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:30", "id": "0A44E07BB2A053DB368C1875C0DF192A839436B073C821EA679DBB1D234D95FD", "href": "https://www.ibm.com/support/pages/node/535645", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:54:54", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Algo Credit Limits.\n\n## 
Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAlgo Credit Limits 4.7 and earlier\n\n## Remediation/Fixes\n\nA fix has been created for version 4.5.0.05 and 4.7.0.03 of the named product. Download and install the fix as soon as practicable. Fix and installation instructions are provided at the URL listed below. \n \nFor versions prior to 4.7.0 IBM recommends upgrading to a fixed, supported version/release/platform of the product. 
\n \n \n\n\nPatch Number| Download URL \n---|--- \nACLM 4.7.0.03 FP7| [_ACL 4.7.0.03 FP7 Solaris Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-SolOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Solaris DB2_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-SolDB2-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 RedHat Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-RHESOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 AIX Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-AIXOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Window GUI Oracle_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-WinOra-fp0007:0&includeSupersedes=0&source=fc&login=true>) \n[_ACL 4.7.0.03 FP7 Window GUI DB2_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.7.0.03-Algo-CreditLimits-WinDB2-fp0007:0&includeSupersedes=0&source=fc&login=true>) \nACLM-TFOLC 4.5.0.05 IF9| [_ACLM-TFOLC 
4.5.0.05 IF9_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Information+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=4.5.0.5-Algo-CreditLimits-if0009-cs:0&includeSupersedes=0&source=fc&login=true>) \n \nAs the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. \n\nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nTo disable the DHE stream cipher in your Algo Credit Limits server installation, edit $ACLM_HOME/jlib/platform/jre/jre/lib/security/java.security. Find the line **jdk.tls.disabledAlgorithms=SSLv3** and change it to **jdk.tls.disabledAlgorithms=SSLv3, RC4, DHE**\n\n \nIf you use the Tomcat included in your Algo Credit Limits installation to provide access to your environment, you need to make sure to substitute the self-signed certificate in the Tomcat keystore in $ACLM_HOME/jlib/etc/system/cfg/jlib.jks with a valid certificate for this server. The certificate's signature algorithm must be SHA1withRSA and the key algorithm must be RSA. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T22:37:35", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Algo Credit Limits (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T22:37:35", "id": "EB1DCA497A53756F1BDBE022C877F98BA5E257C84474BCB75AF60A56705FB061", "href": "https://www.ibm.com/support/pages/node/529035", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:56:14", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise and supporting products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Principal Product and Versions**\n\n| **Affected Supporting Product and Version** \n---|--- \nIBM Cloud Orchestrator 2.5| IBM Business Process Manager Standard 8.5.0.1 \nIBM BigFix Patch 9.2.6 \nIBM Cloud Manager for Openstack 4.3 \nIBM Tivoli System Automation Application Manager 4.1 \nIBM Tivoli System Automation for Multiplatforms 4.1.0.2 \nIBM DB2 Enterprise Server Edition 10.5.0.2 \nIBM Cloud Orchestrator Enterprise Edition 2.5| IBM Business Process Manager Standard 8.5.0.1 \nIBM BigFix Patch 9.2.6 \nIBM Cloud Manager for Openstack 4.3 \nIBM Tivoli System Automation Application Manager 4.1 \nIBM Tivoli System Automation for Multiplatforms 4.1.0.2 \nIBM DB2 Enterprise Server Edition 10.5.0.2 \nIBM SmartCloud Cost Management 2.1.0.5 \nIBM Tivoli Monitoring 6.3.0.2 \nIBM Cloud Orchestrator 2.4, 2.4.0.1 and 2.4.0.2 and 2.4.0.2 Interim Fix1| IBM Business Process Manager Standard 8.5.0.1 \nIBM Tivoli System Automation Application Manager 4.1 \nIBM Tivoli System Automation for Multiplatforms 4.1 \nIBM Endpoint Manager for Patch Management 9.1 \nIBM DB2 Enterprise Server Edition 10.5.0.2 \nIBM Cloud 
Orchestrator Enterprise 2.4, 2.4.0.1, 2.4.0.2 and 2.4.0.2 Interim Fix1| IBM Business Process Manager Standard 8.5.0.1 \nIBM Tivoli System Automation Application Manager 4.1 \nIBM Tivoli System Automation for Multiplatforms 4.1 \nIBM Endpoint Manager for Patch Management 9.1 \nIBM DB2 Enterprise Server Edition 10.5.0.2 \nIBM SmartCloud Cost Management 2.1.0.4 \nIBM Tivoli Monitoring 6.3.0.2 \n \n## Remediation/Fixes\n\nThe recommended solution is to apply the fixes as soon as practical. Review the information below regarding the available fixes. \n\n**Click for your version of IBM Cloud Orchestrator** \n \n--- \nIBM Cloud Orchestrator 2.5| IBM Cloud Orchestrator Enterprise Edition 2.5| IBM Cloud Orchestrator 2.4, 2.4.0.1, 2.4.0.2 or 2.4.0.2 Interim Fix1| IBM Cloud Orchestrator Enterprise Edition 2.4, 2.4.0.1, 2.4.0.2 or 2.4.0.2 Interim Fix1 \n**Note:** You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n* * *\n\nIf you are running IBM Cloud Orchestrator 2.5, upgrade to [**IBM Cloud Orchestrator 2.5 Fix Pack 1 (2.5.0.1)**](<http://www.ibm.com/support/docview.wss?uid=swg2C4000006>).\n\nFor affected supporting products shipped with IBM Cloud Orchestrator consult the security bulletins below for vulnerability details and apply fixes as appropriate depending on your environment.\n\n**Affected Supporting Product**| **Version**| **Remediation/First Fix** \n---|---|--- \nIBM Business Process Manager \n| 8.5.6 \n \n| [_Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000) _](<http://www.ibm.com/support/docview.wss?uid=swg21882542>) \nIBM Big Fix Patch| 9.2.6| [_Security Bulletin: Multiple vulnerabilities in IBM Endpoint Manager for Patch Management shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882824>) \nIBM Cloud Manager for Openstack| 4.3| [_Security Bulletin: Logjam vulnerability affect IBM Cloud Manager with Openstack (CVE-2015-4000)_](<http://www-01.ibm.com/support/docview.wss?uid=isg3T1022752>) \nIBM Tivoli System Automation Application Manager| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation Application Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882528>) \nIBM Tivoli System Automation for Multiplatforms| 4.1.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation for Multiplatforms shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882549>) \nIBM DB2 Enterprise Server Edition| 10.5.0.5| [_Security Bulletin: Multiple vulnerabilities in IBM DB2 Enterprise Server Edition shipped with IBM Cloud Orchestrator and IBM SmartCloud 
Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882724>) \n \n* * *\n\nIf you are running IBM Cloud Orchestrator 2.4, 2.4.0.1, 2.4.0.2 or 2.4.0.2 Interim Fix1, upgrade to [**IBM Cloud Orchestrator 2.4 Fix Pack 3 (2.4.0.3)**](<http://www.ibm.com/support/docview.wss?uid=swg24040281>).\n\nFor affected supporting products shipped with IBM Cloud Orchestrator consult the security bulletins below for vulnerability details and apply fixes as appropriate depending on your environment.\n\n**Affected Supporting Product**| **Version**| **Remediation/First Fix** \n---|---|--- \nIBM Business Process Manager \n| 8.5.0.1 \n \n| [_Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000) _](<http://www.ibm.com/support/docview.wss?uid=swg21882542>) \nIBM Tivoli System Automation Application Manager| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation Application Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882528>) \nIBM Tivoli System Automation for Multiplatforms| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation for Multiplatforms shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882549>) \nIBM DB2 Enterprise Server Edition| 10.5.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM DB2 Enterprise Server Edition shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (__CVE-2015-4000__)_](<http://www.ibm.com/support/docview.wss?uid=swg21882724>) \nIBM Endpoint Manager for Patch Management| 9.1| [_Security Bulletin: Multiple vulnerabilities in IBM Endpoint Manager for Patch Management shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator 
(CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882824>) \n \n* * *\n\nIf you are running IBM Cloud Orchestrator Enterprise Edition 2.5, upgrade to [**IBM Cloud Orchestrator 2.5 Fix Pack 1 (2.5.0.1)**](<http://www.ibm.com/support/docview.wss?uid=swg2C4000006>).\n\nFor affected supporting products shipped with IBM Cloud Orchestrator consult the security bulletins below for vulnerability details and apply fixes as appropriate depending on your environment.\n\n**Affected Supporting Product**| **Version**| **Remediation/First Fix** \n---|---|--- \nIBM Business Process Manager \n| 8.5.6 \n \n| [_Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000) _](<http://www.ibm.com/support/docview.wss?uid=swg21882542>) \nIBM Big Fix Patch| 9.2.6| [_Security Bulletin: Multiple vulnerabilities in IBM Endpoint Manager for Patch Management shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882824>) \nIBM Cloud Manager for Openstack| 4.3| [_Security Bulletin: Logjam vulnerability affect IBM Cloud Manager with Openstack (CVE-2015-4000)_](<http://www-01.ibm.com/support/docview.wss?uid=isg3T1022752>) \nIBM Tivoli System Automation Application Manager| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation Application Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882528>) \nIBM Tivoli System Automation for Multiplatforms| 4.1.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation for Multiplatforms shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882549>) \nIBM DB2 Enterprise Server Edition| 10.5.0.5| [_Security Bulletin: Multiple vulnerabilities in 
IBM DB2 Enterprise Server Edition shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882724>) \nIBM SmartCloud Cost Management| 2.1.0.5| [_Security Bulletin: A security vulnerability in IBM SmartCloud Cost Management shipped with IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21883102>) \nIBM Tivoli Monitoring| 6.3.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21883331>) \n \n* * *\n\n \nIf you are running IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1 or V2.4.0.2, V2.4.0.2 Interim Fix1, upgrade to [**IBM Cloud Orchestrator Enterprise V2.4.0 Fix Pack 3 (2.4.0.3)**](<http://www.ibm.com/support/docview.wss?uid=swg24040281>). \n \nFor affected supporting products shipped with IBM Cloud Orchestrator Enterprise, consult the security bulletins below for vulnerability details and apply fixes as appropriate depending on your environment. 
\n \n**Affected Supporting Product**| **Version**| **Remediation/First Fix** \n---|---|--- \nIBM Business Process Manager| 8.5.0.1| [_Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000) _](<http://www.ibm.com/support/docview.wss?uid=swg21882542>) \nIBM Tivoli System Automation Application Manager| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation Application Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882528>) \nIBM Tivoli System Automation for Multiplatforms| 4.1| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli System Automation for Multiplatforms shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882549>) \nIBM Endpoint Manager for Patch Management| 9.1| [_Security Bulletin: Multiple vulnerabilities in IBM Endpoint Manager for Patch Management shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21882824>) \nIBM DB2 Enterprise Server Edition| 10.5.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM DB2 Enterprise Server Edition shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator (__CVE-2015-4000__)_](<http://www.ibm.com/support/docview.wss?uid=swg21882724>) \nIBM SmartCloud Cost Management| 2.1.0.4| [_Security Bulletin: A security vulnerability in IBM SmartCloud Cost Management shipped with IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21883102>) \nIBM Tivoli Monitoring| 6.3.0.2| [_Security Bulletin: Multiple vulnerabilities in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise and IBM SmartCloud Orchestrator Enterprise 
(CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21883331>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T22:32:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T22:32:50", "id": "C408386DF4AE37315966F2B30EFCF0B1E4A259AE24F4CA11D92C0940EE1E9D48", "href": "https://www.ibm.com/support/pages/node/619227", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:49:07", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Rational Automation Framework. 
\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational Automation Framework 3.0.1, 3.0.1.1, 3.0.1.2.x, 3.0.1.3.x on all supported platforms.\n\n## Remediation/Fixes\n\nUpgrade to [RAF 3.0.1.3 ifix4](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+Automation+Framework&release=3.0.1.3i4&platform=All&function=all>) or later. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T05:03:36", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Automation Framework (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T05:03:36", "id": "8CEF20A4DD854A25072AAD111369C8B0A54636F14E321B3AF16041D5C0018B86", "href": "https://www.ibm.com/support/pages/node/530403", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:22", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Tivoli Composite Application Manager for Transactions.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Tivoli Composite Application Manager (ITCAM) for Transactions is affected. ITCAM for Transactions contains multiple sub components (Agents). \nBoth the Internet Service Monitor (ISM \u2013 Agent code \u2018IS\u2019) and the Robotic Response Time (RRT \u2013 Agent code \u2018T6\u2019) are affected. \n \nISM Versions: \n\u00b7 7.4 \u2013 Affected by CVE (CVE-2015-4000) \n\u00b7 7.3 \u2013 Affected by CVE (CVE-2015-4000) \n \nRRT Versions: \n\u00b7 7.4 \u2013 Affected by CVE (CVE-2015-4000) \n\u00b7 7.3 \u2013 Affected by CVE (CVE-2015-4000)\n\n## Remediation/Fixes\n\nISM Fixes \n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_7.4.0.0-TIV-CAMIS-FP0001_| _7.4.0.1_| _None_| [__http://www.ibm.com/support/docview.wss?uid=isg400002269__](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400002269>) \n_7.3.0.1-TIV-CAMIS-IF0036_| _7.3.0.1_| _None_| [**__http://www.ibm.com/support/docview.wss?uid=isg400002358__**](<http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400002358>)_ _ \n \nRRT Fixes \n \n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_7.4.0.0-TIV-CAMRT-IF0032_| _7.4.0.0_ \n_7.3.0.1_| IV74412| [__http://www.ibm.com/support/docview.wss?uid=isg400002227__](<http://www.ibm.com/support/docview.wss?uid=isg400002227>) \n \nAs the server key size is increased, the amount 
of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted.\n\n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n\n_For 7.1 and 7.2 IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nFor ISM disable the DHE/EDH ciphers in all monitors. To disable the DHE/EDH ciphers, update the monitor properties: _SSLCipherSuite_ and _BridgeSSLCipherSet_. For example, to disable DHE/EDH ciphers in the HTTPS monitor, update the https.props file to include \n \nSSLCipherSuite : \"AES:3DES:DES:!EXP:!DHE:!EDH\" \nBridgeSSLCipherSet : \"AES:3DES:DES:!EXP:!DHE:!EDH\" \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.

Source: [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Composite Application Manager for Transactions (CVE-2015-4000)](https://www.ibm.com/support/pages/node/528373), published 2018-06-17. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Mobile app on Android (CVE-2015-4000)

## Summary
The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cognos Mobile app on Android.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
IBM Cognos Mobile app on Android version 10.2.2.1.2 and earlier.
## Remediation/Fixes
The recommended solution is to update the app to the latest version as soon as practical.

The fix has been released as part of the IBM Cognos Mobile app on Android version 10.2.2.2.1: <https://play.google.com/store/apps/details?id=com.ibm.cogmob.artoo>

You should verify that applying this fix does not cause any compatibility issues. The fix disables DH and DHE ciphers by default. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.
## Workarounds and Mitigations
The Logjam attack, which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol, may affect some IBM Cognos Mobile app on Android configurations. You will need to remove any of the ciphers that begin with SSL_* or TLS_* and also have DH or DHE in the name from your web server tier SSL configurations. This does NOT include ciphers that have ECDH or ECDHE in the name; these are elliptic-curve Diffie-Hellman ciphers and they are not affected.

You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.

Source: [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Mobile app on Android (CVE-2015-4000)](https://www.ibm.com/support/pages/node/528823), published 2018-06-15. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.
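The following is an added example, not code from IBM or from any of the bulletins on this page. It turns two statements above into checks that run offline: the DESCRIPTION's 512-bit export-grade group, checked by parsing the ServerDHParams a TLS 1.0 to 1.2 server sends in ServerKeyExchange for a DHE suite (RFC 5246, section 7.4.3) and grading the modulus size, and the Cognos workaround's rule of dropping SSL_*/TLS_* suites with DH or DHE in the name while keeping ECDH/ECDHE, applied to a JSSE-style suite list. The sklm_case helper maps the same test onto the three cases the IBM Security Key Lifecycle Manager bulletin later on this page describes for its TransportListener.ssl.ciphersuites property. The comma-separated property format, the sample suite list and the sample moduli (which are not primes or real groups, only values of the relevant bit lengths) are constructed assumptions of this example.

```python
"""Added example (not IBM's code): offline Logjam checks for DH group size
and for DH/DHE cipher-suite names. Sample data is constructed below."""
from typing import List, Optional, Tuple


def parse_dhe_server_params(body: bytes) -> Tuple[int, int, int]:
    """Parse ServerDHParams { opaque dh_p<1..2^16-1>; opaque dh_g<1..2^16-1>;
    opaque dh_Ys<1..2^16-1>; } from the start of a ServerKeyExchange body
    (RFC 5246 s7.4.3). For signed DHE suites the signature follows the
    params and is simply left unread. Raises ValueError on a truncated body."""
    values = []
    off = 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated length field for {name}")
        n = int.from_bytes(body[off:off + 2], "big")
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError(f"bad or truncated value for {name}")
        values.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    return values[0], values[1], values[2]


def build_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Inverse of parse_dhe_server_params; used only to build test input."""
    out = b""
    for v in (p, g, ys):
        raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
        out += len(raw).to_bytes(2, "big") + raw
    return out


def dh_group_verdict(p: int, ys: Optional[int] = None) -> str:
    """Grade a finite-field DH group by modulus size.
    <= 512 bits: export-grade, the DHE_EXPORT size Logjam downgrades to.
    <  1024:     weak (768-bit groups were within academic reach in 2015).
    <  2048:     marginal (1024-bit precomputation is costly but feasible
                 for a well-resourced attacker, per the Logjam authors).
    >= 2048:     ok by current guidance.
    If the server's public value is given, it must satisfy 1 < Ys < p - 1."""
    if ys is not None and not (1 < ys < p - 1):
        return "invalid public value"
    bits = p.bit_length()
    if bits <= 512:
        return "export-grade"
    if bits < 1024:
        return "weak"
    if bits < 2048:
        return "marginal"
    return "ok"


def is_finite_field_dh(suite: str) -> bool:
    """True for SSL_*/TLS_* suites with a DH or DHE name component (covers
    DHE_RSA, DHE_DSS, DH_anon, DHE_PSK and static DH). ECDH/ECDHE are
    distinct tokens and are kept, as the Cognos workaround requires."""
    tokens = suite.split("_")
    if tokens[0] not in ("SSL", "TLS"):
        return False
    return any(t in ("DH", "DHE") for t in tokens[1:])


def strip_dh_suites(suites: List[str]) -> Tuple[List[str], List[str]]:
    """Split a suite list into (kept, dropped) per the workaround."""
    kept, dropped = [], []
    for s in suites:
        (dropped if is_finite_field_dh(s) else kept).append(s)
    return kept, dropped


def sklm_case(value: Optional[str]) -> int:
    """Map a TransportListener.ssl.ciphersuites value onto the SKLM bulletin's
    cases: 1 = lists DH/DHE suites (remove them), 2 = unset or JSSE_ALL (pin
    non-DH suites), 3 = already DH-free. The comma-separated format is an
    assumption of this example, not something the bulletin states."""
    if value is None or value.strip() in ("", "JSSE_ALL"):
        return 2
    suites = [s.strip() for s in value.split(",") if s.strip()]
    return 1 if any(is_finite_field_dh(s) for s in suites) else 3


# Constructed sample data: not real DH groups, not a real server's list.
SAMPLE_EXPORT_P = (1 << 511) | 1    # 512-bit modulus, export-grade size
SAMPLE_STRONG_P = (1 << 2047) | 1   # 2048-bit modulus
SAMPLE_SUITES = [
    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    body = build_server_dh_params(SAMPLE_EXPORT_P, 2, 0x1234)
    p, g, ys = parse_dhe_server_params(body)
    print(f"dh_p is {p.bit_length()} bits -> {dh_group_verdict(p, ys)}")
    kept, dropped = strip_dh_suites(SAMPLE_SUITES)
    print("keep:", kept)
    print("drop:", dropped)
    print("SKLM case for JSSE_ALL:", sklm_case("JSSE_ALL"))
```

To use the parser on a capture, feed it the ServerKeyExchange handshake body (the bytes after the 4-byte handshake header); for the ServerDHParams plus signature variant the trailing signature is ignored. The name-based filter is the same test whether the list comes from a web-server tier, a JSSE enabled-suites list, or the SKLM property, and it deliberately keeps non-DH suites such as TLS_RSA_* untouched because the workarounds only target finite-field DH.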
# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearQuest (CVE-2015-4000)

## Summary
The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Rational ClearQuest.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
IBM Rational ClearQuest, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x, in the following components:

* ClearQuest Web Server
* ClearQuest Report Server
* ClearQuest Full Text Search Server
* Customer-defined uses of SSL from cqperl scripts
* ClearQuest DataDirect when SSL is enabled for Oracle connections

## Remediation/Fixes
_Affected Versions_| _Applying the fix_
---|---
8.0.1 through 8.0.1.9| Install [Rational ClearQuest Fix Pack 10 (8.0.1.10) for 8.0.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24041281>).
8.0 through 8.0.0.16| Install [Rational ClearQuest Fix Pack 17 (8.0.0.17) for 8.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24041279>).
7.1.2 through 7.1.2.17| Customers on extended support contracts should install [Rational ClearQuest Fix Pack 19 (7.1.2.19) for 7.1.2](<http://www-01.ibm.com/support/docview.wss?uid=swg24040511>). If you enable SSL for your Oracle database, see the "Workarounds and Mitigations" section below.
7.1.1.x (all fix packs), 7.1.0.x (all fix packs)| Customers on extended support contracts should contact Rational Customer Support.

You should verify that applying this fix does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.

_For unsupported versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product._
## Workarounds and Mitigations
If you are not upgrading to ClearQuest Fix Pack 17 for 8.0 or ClearQuest Fix Pack 10 for 8.0.1, and you enable SSL for your Oracle database, then you will need to take further steps to mitigate the issue.
1. Refer to the following link to specify "SSL_RSA_WITH_3DES_EDE_CBC_SHA" as the only cipher suite supported on the database server: <http://docs.oracle.com/cd/B28359_01/network.111/b28530/asossl.htm#i1023369>

This pins the Oracle listener to RSA key transport with 3DES, which removes the DHE exchange but also gives up forward secrecy, so treat it as a stopgap until the fix pack is installed.

Source: [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearQuest (CVE-2015-4000)](https://www.ibm.com/support/pages/node/533101), published 2018-06-17. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM SOA Policy Gateway Pattern for AIX Server 2.5 (CVE-2015-4000)

## Summary
The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM SOA Policy Gateway Pattern for AIX Server 2.5.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
IBM SOA Policy Gateway Pattern for AIX Server version 2.5
## Remediation/Fixes
None
## Workarounds and Mitigations
Customers should follow the mitigation advice contained in the WebSphere Application Server security bulletin, located at [http://www.ibm.com/support/docview.wss?uid=swg21957980](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>).

Source: [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM SOA Policy Gateway Pattern for AIX Server 2.5 (CVE-2015-4000)](https://www.ibm.com/support/pages/node/528597), published 2018-06-15. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Telemetry (CVE-2015-4000)

## Summary
The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects the IBM WebSphere MQ Telemetry (MQXR) service.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
The affected ciphersuite is available via the Telemetry (MQXR) service provided by:

* IBM WebSphere MQ 7.1.0.6 and earlier maintenance
* IBM WebSphere MQ 7.5.0.5 and earlier maintenance
* IBM WebSphere MQ 8.0.0.2 and earlier maintenance

## Remediation/Fixes
The affected ciphersuites are disabled completely, or disabled for small key sizes, in the Telemetry (MQXR) service by default in:

* IBM WebSphere MQ [8.0.0.3](<http://www-01.ibm.com/support/docview.wss?uid=swg27043086#8003>) and later fix packs
* IBM WebSphere MQ 7.5.0.6 and later fix packs; in the interim, apply [APAR IT11660](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+MQ&release=All&platform=All&function=aparId&apars=IT11660>)
* IBM WebSphere MQ 7.1.0.7 and later fix packs; in the interim, apply [APAR IT11660](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+MQ&release=All&platform=All&function=aparId&apars=IT11660>)

## Workarounds and Mitigations
The affected ciphersuites can be disabled in the Telemetry (MQXR) service by restricting the ciphersuites that are used by the Java runtime.

**_National Security Agency (NSA) Suite B Cryptography_**

The government of the United States of America produces technical advice on IT systems and security, including data encryption. The US National Security Agency (NSA) recommends a set of interoperable cryptographic algorithms in its Suite B standard.

The Suite B standard specifies a mode of operation in which only a specific set of secure cryptographic algorithms are used. The Suite B standard specifies:

* The encryption algorithm (AES)
* The key exchange algorithm (Elliptic Curve Diffie-Hellman, also known as ECDH)
* The digital signature algorithm (Elliptic Curve Digital Signature Algorithm, also known as ECDSA)
* The hashing algorithms (SHA-256 or SHA-384)

Configure the Telemetry (MQXR) service to only accept Suite B cryptographic algorithms by adding the following line to the java.properties file under the ../mqxr/config subdirectory of the IBM WebSphere MQ installation:

`com.ibm.jsse2.suiteB=128`

Because the Suite B profile for TLS (RFC 6460) requires ECDSA certificates, peers that present RSA certificates will no longer negotiate once this is set; confirm this against your MQTT clients in a test environment first.

You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.

Source: [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Telemetry (CVE-2015-4000)](https://www.ibm.com/support/pages/node/528171), published 2018-06-15. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Statistics (CVE-2015-4000)

## Summary
The “Logjam” attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Java SDK 1.6 and 1.7, which are used by IBM SPSS Statistics.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
IBM SPSS Statistics 19.0.0.2
IBM SPSS Statistics 20.0.0.2
IBM SPSS Statistics 21.0.0.2
IBM SPSS Statistics 22.0.0.2
IBM SPSS Statistics 23.0.0.0
## Remediation/Fixes
_Product_| _VRMF_| _APAR_| _Remediation/First Fix_
---|---|---|---
IBM SPSS Statistics| 19.0.0.2| PI44002| [Upgrade JRE to Version 6.0.16.5](<http://www.ibm.com/support/docview.wss?uid=swg24040352>)
IBM SPSS Statistics| 20.0.0.2| PI44002| [Upgrade JRE to Version 6.0.16.5](<http://www.ibm.com/support/docview.wss?uid=swg24040354>)
IBM SPSS Statistics| 21.0.0.2| PI44002| [Upgrade JRE to Version 6.0.16.5](<http://www.ibm.com/support/docview.wss?uid=swg24040355>)
IBM SPSS Statistics| 22.0.0.2| PI44002| [Upgrade JRE to Version 6.0.16.5](<http://www.ibm.com/support/docview.wss?uid=swg24040356>)
IBM SPSS Statistics| 23.0.0.0| PI44002| [Upgrade JRE to Version 7.1.3.1](<http://www.ibm.com/support/docview.wss?uid=swg24040357>)

You should verify that applying this fix does not cause any compatibility issue in your environment. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.
## Workarounds and Mitigations
None

Source: [Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Statistics (CVE-2015-4000)](https://www.ibm.com/support/pages/node/531039), published 2018-06-16. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Monitoring (CVE-2015-4000)

## Summary
The Logjam vulnerability in TLS connections using the Diffie-Hellman (DH) key exchange protocol affects some components of IBM Tivoli Monitoring (ITM).
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice.
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
The following components of IBM Tivoli Monitoring (ITM) are affected by the Logjam vulnerability:

* Tivoli Enterprise Portal Server (TEPS)
  * embedded WebSphere Application Server – ITM versions 6.2.0 through 6.3.0 FP5
  * Portal Server communication with Portal Clients when configured to use SSL over the IIOP protocol – ITM versions 6.2.0 through 6.3.0 FP5
* Java (CANDLEHOME) – ITM Java-based agents using JSSE – ITM versions 6.2.0 through 6.3.0 FP5

## Remediation/Fixes
### Portal Server
**embedded WebSphere Application Server:**

You should verify that applying this fix does not cause any compatibility issues.

_Fix_| _VRMF_| _Remediation/First Fix_
---|---|---
6.X.X-TIV-ITM_EWAS_ALL_20150731| 6.3.0.x| <http://www.ibm.com/support/docview.wss?uid=swg24040392> Patch to upgrade the embedded WebSphere Application Server (eWAS) shipped as part of the IBM Tivoli Monitoring portal server to version 8.0.0.10 plus additional Interim Fixes, referred to as Interim Fix Block 2
Technote| 6.2.3.x| <http://www.ibm.com/support/docview.wss?uid=swg21633720> Contains information about installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.2.3. The link gives instructions to install eWAS 7.0 Fix Pack 37 (7.0.0.37) and Interim Fix Block 1
Technote| 6.2.2.x| <http://www.ibm.com/support/docview.wss?uid=swg21509259> Contains information about installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.2.2. The link gives instructions to install eWAS 6.1 Fix Pack 47 (6.1.0.47) and Interim Fix Block 2

For IBM Tivoli Monitoring 6.2.0 and 6.2.1, IBM recommends upgrading to a fixed, supported version/release of the product as listed above.

**Portal Server Communication with Portal Clients:**

This applies to Portal Server communication with Portal Clients when configured to use SSL over the IIOP protocol. SSL over IIOP is being used if both conditions below are true:

* HTTPS is not being used, that is:
  * the applet.html file does not have tep.connection.protocol=http or https, AND
  * the tep.jnlp file does not have tep.connection.protocol=https
* KFW_INTERFACE_cnps_SSL is set to "Y" in the portal server environment file (Windows: kfwenv, UNIX/Linux: cq.config)

You should verify that applying this fix does not cause any compatibility issues.

_Fix_| _VRMF_| _Remediation/First Fix_
---|---|---
6.3.0-TIV-ITM-FP0005-IV74486| 6.3.0| <http://www.ibm.com/support/docview.wss?uid=swg24040448>
6.2.3-TIV-ITM-FP0005-IV74486| 6.2.3| <http://www.ibm.com/support/docview.wss?uid=swg24040448>
6.2.2-TIV-ITM-FP0009-IV74486| 6.2.2| <http://www.ibm.com/support/docview.wss?uid=swg24040448>
6.3.0-TIV-ITM-FP0006| 6.3.0.x| <http://www.ibm.com/support/docview.wss?uid=swg24040390> Check link for status on availability.

For IBM Tivoli Monitoring 6.2.0 and 6.2.1, IBM recommends upgrading to a fixed, supported version/release of the product as listed above.

You should verify that applying this fix does not cause any compatibility issues.

### Java (CANDLEHOME) Remediation
The IBM Tivoli Monitoring servers and base agents (those shipped as part of IBM Tivoli Monitoring Fix Packs) are not affected by this vulnerability. Only Java-based agents utilizing Java Secure Socket Extension (JSSE) which rely on the JRE in the IBM Tivoli Monitoring installation directory (for example, CANDLEHOME) can be affected. Affected agents will publish separate security bulletins and reference this bulletin for the remediation.

For systems where the affected agents are installed, the patch below should be installed; it updates the shared Tivoli Enterprise-supplied JRE (jr component on UNIX/Linux) or Embedded JVM (JVM component on Windows). The technote [Upgrading Shared Components for IBM Tivoli Monitoring Agents](<http://www.ibm.com/support/docview.wss?uid=swg21673490>) provides information on how shared libraries are used.

You should verify that applying this fix does not cause any compatibility issues.

_Fix_| _VRMF_| _Remediation/First Fix_
---|---|---
6.X.X-TIV-ITM_JRE_CANDLEHOME-20150731| 6.2.2 through 6.3.0 FP5| <http://www.ibm.com/support/docview.wss?uid=swg24040391>
6.3.0-TIV-ITM-FP0006| 6.3.0.x| <http://www.ibm.com/support/docview.wss?uid=swg24040390> Check link for status on availability.

For IBM Tivoli Monitoring 6.2.0 and 6.2.1, IBM recommends upgrading to a fixed, supported version/release of the product as listed above.

Source: [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Monitoring (CVE-2015-4000)](https://www.ibm.com/support/pages/node/533021), published 2018-06-17. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability in DH ciphers affects IBM Security Key Lifecycle Manager (CVE-2015-4000)

## Summary
The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) affects some configurations of IBM Security Key Lifecycle Manager.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher.
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Affected Products and Versions
The following IBM Security Key Lifecycle Manager versions may be affected:

* IBM Tivoli Key Lifecycle Manager V1.0, V2.0, V2.0.1
* IBM Security Key Lifecycle Manager V2.5 on distributed platforms

## Remediation/Fixes
_Product_| _VRMF_| _APAR_| _Remediation/First Fix_
---|---|---|---
TKLM| 1.0| IV74817| [`1.0.0-TIV-TKLM-FP0008`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Key+Lifecycle+Manager&fixids=1.0.0-TIV-TKLM-FP0008.&source=SAR>)
TKLM| 2.0| IV74818| [`2.0.0-ISS-TKLM-FP0010`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Key+Lifecycle+Manager&fixids=2.0.0-ISS-TKLM-FP0010&source=SAR>)
TKLM| 2.0.1| IV74819| [`2.0.1-ISS-TKLM-FP0008`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Key+Lifecycle+Manager&fixids=2.0.1-ISS-TKLM-FP0008&source=SAR>)
SKLM| 2.5| IV74820| [`2.5.0-ISS-SKLM-FP0006`](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Key+Lifecycle+Manager&fixids=2.5.0-ISS-SKLM-FP0006&source=SAR>)

## Workarounds and Mitigations
There are multiple workaround cases:

**_Case 1:_** The TKLM/SKLM configuration file has the **TransportListener.ssl.ciphersuites** property set with DHE or DH cipher suites.

**_Workaround_**: Remove the DHE and DH ciphers and set only non-DH ciphers in this property. If the only cipher listed is a DHE or DH suite and you are unsure which ciphers to use, comment out this property or specify JSSE_ALL and proceed to Case 2.

**_Case 2:_** The TKLM/SKLM configuration file does not have the **TransportListener.ssl.ciphersuites** property specified, or the property is set to a value of JSSE_ALL.

**_Workaround_**: Specify this property with non-DH ciphers, or create a custom cipher suite group with no DHE and DH ciphers by logging into WebSphere Application Server. Users can create custom cipher suites in the WAS console UI under SSL certificate and key management > SSL configurations > NodeDefaultSSLSettings > Quality of protection (QoP) settings.

**_Case 3:_** The TKLM/SKLM configuration file has the **TransportListener.ssl.ciphersuites** property set to cipher suites which do not include DHE and DH cipher suites.

**_Workaround_**: Users are safe from this vulnerability and nothing needs to be done.

The TKLM/SKLM configuration file for TKLM v1.x to v2.0.x is TKLMgrConfig.properties, and for SKLM v2.5.x it is SKLMConfig.properties.

For details, see <http://www-01.ibm.com/support/docview.wss?uid=swg21960261>.

You should verify that applying this configuration change does not cause any compatibility issues. Not disabling the DHE/DH ciphers will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the DHE/DH ciphers and take appropriate mitigation and remediation actions.

Source: [Security Bulletin: Vulnerability in DH ciphers affects IBM Security key lifecycle manager (CVE-2015-4000)](https://www.ibm.com/support/pages/node/530715), published 2018-06-16. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server that shipped with WebSphere Enterprise Service Bus Registry Edition (CVE-2015-4000)

## Summary
The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server that shipped with WebSphere Enterprise Service Bus Registry Edition.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
## Remediation/Fixes
These security vulnerabilities are all fixed with available interim fixes and are targeted for specific WebSphere Application Server fix pack levels. For more information on these fixes, including workarounds and mitigations, please see [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>).

Source: [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server that shipped with WebSphere Enterprise Service Bus Registry Edition (CVE-2015-4000)](https://www.ibm.com/support/pages/node/530833), published 2018-06-15. CVSS v3.0 base score 3.7 (Low), vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N; CVSS v2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N.

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-4000)

## Summary
The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent.
## Vulnerability Details
**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nEnterprise Common Collector 1.1.0 (a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli Monitoring v6.2.3 and v6.3.0)\n\n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Operating System_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|---|--- \n \nIBM Tivoli zEnterprise Monitoring Agent (Enterprise Common Collector v1.1.0 component) \n\n| \n\nv6.2.3\n\n| AIX\u00ae| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-AIX-IF0006&includeSupersedes=0>) \n \nLinux\u00ae on System z\u00ae| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxz-IF0006&includeSupersedes=0>) \n \nLinux\u00ae on Intel\u00ae 32-bit| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxx32-IF0006&includeSupersedes=0>) \n \nLinux\u00ae on Intel\u00ae 64-bit| \n\n[_Fix Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Linuxx64-IF0006&includeSupersedes=0>) \n \n32-bit Windows\u00ae| \n\n[_Fix 
Central link_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Windows32-IF0006&includeSupersedes=0>) \n \n64-bit Windows\u00ae| \n\n[_Fix Central link_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Tivoli%2BComposite%2BApplication%2BManager&product=ibm/Tivoli/IBM+Tivoli+Monitoring&release=All&platform=All&function=fixId&fixids=1.1.0.5-TIV-ITM-ECC-JRE-Windows64-IF0006&includeSupersedes=0>) \n \n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:38", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:38", "id": "B314B86EC6539E411791CCFA6A53927253F388CB034016D2D424FAE5EAB8C0EC", "href": "https://www.ibm.com/support/pages/node/529541", "cvss": {"score": 4.3, 
"vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-01T03:14:29", "description": "## Summary\n\nA vulnerability known as Logjam may affect multiple N series products and the impact is under investigation. Versions 1.2 and earlier of the Transport Layer Security (TLS) protocol can allow man-in-the-middle (MITM) attackers to conduct downgrade attacks. Multiple N series products have addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nSnap Creator Framework: 3.6.0, 4.1.0, 4.1.2, 4.3; \nSnapDrive for Windows: 7.0.3, 7.1.1, 7.1.2, 7.1.3; \nSnapManager for SAP: 3.2, 3.3, 3.3.1, 3.4; \nVirtual Storage Console for VMware vSphere: 6.0, 6.1;\n\n## Remediation/Fixes\n\nFor_ _Snap Creator Framework: the fix exists from microcode version 4.3P1; \nFor_ _SnapDrive for Windows: the fix exists from microcode version 7.1.4; \nFor_ _SnapManager for SAP: the fix exists from microcode version 3.4.1; \nFor Virtual Storage Console for VMware vSphere: the fix exists from microcode version: 6.2; \n \nPlease contact IBM support or go to this [_link_](<https://www-945.ibm.com/support/fixcentral/>) to download a supported release. 
\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-12-15T18:04:22", "type": "ibm", "title": "Security Bulletin: CVE-2015-4000 Diffie-Hellman Export Cipher Suite Vulnerabilities in Multiple N series Products", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2021-12-15T18:04:22", "id": "1E9B9D4DDB40D18727D4206F573E21C89F52C2E88F8950F063AC97CC123B82A3", "href": "https://www.ibm.com/support/pages/node/696425", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:46", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile and IBM WebSphere Application Server Liberty Profile that are shipped as a component of WebSphere Lombardi Edition and IBM Business Process Manager. The IBM HTTP Server used by WebSphere Application Server is not affected. 
\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n * IBM Business Process Manager V7.5.x through V8.5.6.0\n * WebSphere Lombardi Edition V7.2.0.x\n \n \n_For earlier unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Remediation/Fixes\n\nPlease consult the security bulletin [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21957980>) for vulnerability details and information about fixes. 
\nThe following setting in java.security allows you to re-enable ciphers using DH and DHE key exchange that you had to disable as a temporary workaround: \njdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize <768 \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:11", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:11", "id": "00D19B3FBF82354675BC83A198849700B5859C5D403B65558D305236E003CCC5", "href": "https://www.ibm.com/support/pages/node/528321", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:04:43", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) affects some versions of the DS8000.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a 
remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nDS8870 prior to R7.2 \n\nDS8800/DS8700 prior to R6.3 SP9 (86.31.142.0 / 76.31.121.0 respectively) which have not applied the ISO CD patch named RemoveWeakCertificatesv1.0 or RemoveWeakCertificatesV1.1\n\n## Remediation/Fixes\n\nAs noted, DS8870 at R7.2 and above (87.21.5.0) and DS8800/DS8700 at R6.3 SP9 and above (86.31.142.0 / 76.31.121.0) are not impacted. \n\nDS8700/DS8800/DS8870 customers should upgrade to a version which is not impacted or apply the patch noted below. 
\n\n**Patch Release**\n\n \n \n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nDS8870 prior to R7.2| N/A| CVE_WEAK_CIPHER_PATCH_v1.0| 03/23/2015 \nDS8800 prior to R6.3 SP9| N/A| CVE_WEAK_CIPHER_PATCH_v1.0| 03/23/2015 \nDS8700 prior to R6.3 SP9| N/A| CVE_WEAK_CIPHER_PATCH_v1.0| 03/23/2015 \n \n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-05-24T17:06:20", "type": "ibm", "title": "Security Bulletin: The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) affects some versions of the DS8000.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-05-24T17:06:20", "id": "F4E7E3BE19F29D23C9E8BDC15EEAE7B010BF3E4C06C22A6AC29599A6977CB542", "href": "https://www.ibm.com/support/pages/node/690513", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:30", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Image Construction and Composition Tool. 
\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Image Construction and Composition Tool v2.2.1.3 \nIBM Image Construction and Composition Tool v2.3.1.0 \nIBM Image Construction and Composition Tool v2.3.2.0\n\n## Remediation/Fixes\n\nThe solution is to apply the following IBM Image Construction and Composition Tool version fixes. 
\n \nUpgrade the IBM Image Construction and Composition Tool to the following fix levels: \n \n\u00b7 For IBM Image Construction and Composition Tool v2.2.1.3 \n\u00b7 IBM Image Construction and Composition Tool v2.2.1.3 Build 32 \n \n[__http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=1.1.0.5&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.2.1.3-32&includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=1.1.0.5&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.2.1.3-32&includeSupersedes=0>) \n \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.1.0 \n\u00b7 IBM Image Construction and Composition Tool v2.3.1.0 Build 43 \n \n[__http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=2.0.0.1&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-43&includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=2.0.0.1&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.1.0-43&includeSupersedes=0>) \n \n \n\u00b7 For IBM Image Construction and Composition Tool v2.3.2.0 \n\u00b7 IBM Image Construction and Composition Tool v2.3.2.0 Build 16 \n \n[__http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=2.1.0.0&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-16&includeSupersedes=0__](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=2.1.0.0&platform=All&function=fixId&fixids=ICCT_efix_Repository_2.3.2.0-16&includeSupersedes=0>) \n \n \nYou should verify applying this configuration change does not cause any 
compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:30", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Image Construction and CompositionTool. (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:30", "id": "895B02B5C8F08827E0AEB10CCE2D6207A63AB8561B5C9A3C0874680AEF77B77E", "href": "https://www.ibm.com/support/pages/node/535261", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:54:52", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Algo Credit Administrator.\n\n## 
Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAlgo Credit Administrator 2.2.0 and earlier\n\n## Remediation/Fixes\n\nA fix has been created for version 2.2.0 of the named product. Download and install the fix as soon as practicable. Fix and installation instructions are provided at the URL listed below. \n \nFor versions prior to 2.2.0 IBM recommends upgrading to a fixed, supported version/release/platform of the product. 
\n \n \n\n\nPatch Number| Download URL \n---|--- \nACA 2.2.0_115| [_ACA 2.2.0_115 Windows Framework_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAFramework-Win-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 AIX Framework_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAFramework-AIX-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 RedHat Framework_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAFramework-RHEL-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 SunOS Framework_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAFramework-SOL-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 Security_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAsecurity-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 Dokumentation_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAdocumentation-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 
Application_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACAapplications-if0115:0&includeSupersedes=0&source=fc&login=true>) \n[_ACA 2.2.0_115 Rendition_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation+Management&product=ibm/Information+Management/Algo+Credit+Manager&release=All&platform=All&function=fixId&fixids=2.2.0.0-Algo-ACARendition-if0115:0&includeSupersedes=0&source=fc&login=true>) \n \nAs the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Please carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be impacted. \n\nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nTo disable the DHE stream cipher in your Algo Credit Administrator server installation, edit $ACA_HOME/jlib/platform/jre/jre/lib/security/java.security. Find the line **jdk.tls.disabledAlgorithms=SSLv3** and change it to **jdk.tls.disabledAlgorithms=SSLv3, RC4, DHE**\n\n \nIf you use the Tomcat included in your Algo Credit Administrator installation to provide access to your environment, you need to make sure to substitute the self-signed certificate in the Tomcat keystore in $ACA_HOME/jlib/etc/system/cfg/jlib.jks with a valid certificate for this server. 
The certificate's signature algorithm must be SHA1withRSA and the key algorithm must be RSA. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T22:37:36", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Algo Credit Administrator (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T22:37:36", "id": "C07939CCCAC005648C0553152DC34FE7752205E82EFF81648E83585911CB92F0", "href": "https://www.ibm.com/support/pages/node/529075", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:38:14", "description": "## Summary\n\nThe Logjam Attack on TLS 
connections using the Diffie-Hellman (DH) key exchange protocol affects IBM DataQuant for Workstation.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \nThe TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n * IBM DataQuant 2.1\n\n## Remediation/Fixes\n\n * IBM DataQuant 2.1: install [Java JRE 8.0.1.1 fix from IBM Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DataQuant&release=2.1&platform=All&function=all>)\n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n \n\n\n## Workarounds and Mitigations\n\nNone. \n\n**Important note:** IBM strongly suggests that all System z customers subscribe to the System z Security Portal to receive the latest critical System z security and integrity service. 
If you are not subscribed, see the instructions on the [_System z Security web site_](<http://www-03.ibm.com/systems/z/advantages/security/integrity_sub.html>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-12T13:59:09", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2021-02-12T13:59:09", "id": "C2DE286AAC09188FB56431A32870396BEB60EB9B39C5F589373BA4BCF647D602", "href": "https://www.ibm.com/support/pages/node/528681", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:52:07", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Juniper EX Series Network Switches sold by IBM for use in IBM 
Products.\n\n## Vulnerability Details\n\n## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Juniper EX Series Network Switches sold by IBM for use in IBM Products.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam.\"\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\n * JunOS release 12.3R9 and earlier.\n\n## Remediation/Fixes:\n\nJunOS release 12.3R10 and later.\n\nJuniper Technical Bulletin: [ http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681](<http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681>)\n\nYou should verify applying this fix does not cause any compatibility issues.\n\n## Workarounds and Mitigations:\n\nRefer to the Juniper Technical Bulletin for Workarounds.\n\n## References:\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nReported to IBM by The WeakDH team at <https://weakdh.org>\n\n**Change History** 
\n14 July 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect Juniper EX Series Network Switches sold by IBM for use in IBM Products (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "C3EAB875270997EDB523AC004ED0D62857A85BC64AE5CFF15B83BC69E331997E", "href": "https://www.ibm.com/support/pages/node/867560", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:53:54", "description": "## Summary\n\nVulnerabilities in SSL/TLS protocol during key exchange phase using Diffie-Hellman (DH) ciphersuite, \u201cLogjam\u201d attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Analytic Server.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM SPSS Analytic Server 1.0.1 \nIBM SPSS Analytic Server 2.0.0.1\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nIBM SPSS Analytic Server| _1.0.1_| PI44833| [IBM SPSS Analytic Server 1.0.1 Interim Fix](<http://www-01.ibm.com/support/docview.wss?uid=swg24040337>) \nIBM SPSS Analytic Server| _2.0.0.1_| PI44833| [IBM SPSS Analytic Server 2.0.0.1 Interim Fix](<http://www-01.ibm.com/support/docview.wss?uid=swg24040335>) \n \nYou should verify applying this fix does not cause any compatibility issue in your environment. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T13:14:18", "type": "ibm", "title": "Security Bulletin: DH key exchange protocol vulnerability (\u201cLogjam\u201d) in IBM Java SDK affects IBM SPSS Analytic Server (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T13:14:18", "id": "6B06224C4F4FE1DC2DEEF0585952BB1198D5AB9DF4AF51A43BE90165FD514D08", "href": "https://www.ibm.com/support/pages/node/532029", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-12T17:34:48", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects XIV Management Tools.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n * All versions of XIV Management Tools prior to 4.6.0.1\n * All versions of IBM Hyper-Scale Manager Prior to 1.7.0.1\n\n## Remediation/Fixes\n\nUsers of previous versions should upgrade to XIV Management Tools 4.6.0.1 / IBM Hyper-Scale Manager 1.7.0.1. \n\nUsers of the IBM Hyper-Scale Manager _Appliance_ should apply the hotfixes to XIV Management Tools 4.5.0.2 / IBM Hyper-Scale Manager 1.6.0.2, since the IBM Hyper-Scale Manager is not available as an appliance in 1.7.0.1.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T00:09:44", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM XIV Management Tools (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", 
"integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-18T00:09:44", "id": "63C3CCB0F9F7D3F9B52D78E67FADB87376A74E33E54991A9087BE885BDABE7C5", "href": "https://www.ibm.com/support/pages/node/690541", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:51:20", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Security Proventia Network Active Bypass.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Products:** ABYP-0T-0S-4L-P, ABYP-0T-0S-4L-P-M, ABYP-0T-2S-2L-P, ABYP-0T-2S-2L-P-M, ABYP-0T-4S-0L-P, ABYP-0T-4S-0L-P-M, ABYP-10G-2SR-2LR-1-P, ABYP-10G-2SR-2LR-1-P-M, ABYP-10G-4LR-1-P, ABYP-10G-4LR-1-P-M, ABYP-10G-4SR-1-P, ABYP-10G-4SR-1-P-M, ABYP-2T-0S-2L-P, ABYP-2T-0S-2L-P-M, ABYP-2T-1S-1L-P, ABYP-2T-1S-1L-P-M, ABYP-2T-2S-0L-P, ABYP-2T-2S-0L-P-M, ABYP-4T-0S-0L-P, ABYP-4T-0S-0L-P-M, ABYP-4TL-P, ABYP-4TL-P-M, ABYP-4TS-P, ABYP-4TS-P-M \n \n**Firmware Versions:** \n1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9 \n10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9\n\n## Remediation/Fixes\n\nThe following IBM Thread Updates have the fixes for these vulnerabilities: \n\n_Product_| _Version_| _Remediation/First Fix_ \n---|---|--- \n_IBM Security Proventia Network Active Bypass_| _1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9_| [_Proventia 1G NAB Update 16 (fw3.30-12)_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=All&function=all>) \n_IBM Security Proventia Network Active Bypass_| _10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9_| [_Proventia 10G NAB Update 13 (fw3.30-12)_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Security%2BSystems&product=ibm/Tivoli/IBM+Security+Network+Active+Bypass&release=All&platform=All&function=all>) \n \n**NOTE: To complete remediation of the vulnerability, it is necessary to perform regeneration of the 
appliance certificates following installation of the fix above. This process will take up to 60 minutes to complete, and the appliance will perform a reboot.** \n \nThe procedure can be performed in one of two ways: \na) Console (Admin Menu) \nProventia_NAB> system generate-Diffie-Hellman-group \n \nOR \n \nb) LMI \nSystem --> Settings --> Generate Diffie Hellman group \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T21:45:32", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Proventia Network Active Bypass (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T21:45:32", "id": "33596AE0FA9A021B9CBE43189EBF694196A79229432AAACF2EF64E319DC3AFBE", "href": "https://www.ibm.com/support/pages/node/534415", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:51:26", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. 
This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet /IB6131 40Gb Infiniband Switch firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware has addressed the applicable CVE.\n\n## Vulnerability Details\n\n## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware has addressed the applicable CVE.\n\n**Vulnerability Details:**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. 
This vulnerability is commonly referred to as \"Logjam.\"\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nProduct | Affected Version \n---|--- \nIBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb \nInfiniband Switch Firmware | 3.4.1110 \n \n## Remediation/Fixes:\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nYou should verify applying the fix does not cause any compatibility issues.\n\nProduct | Fixed Version \n---|--- \nIBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb \nInfiniband Switch Firmware \n(mlnx_fw_ppc_m460ex-sx-3.4.3002_anyos_noarch) | 3.4.3002 \n \nFor CVE-2015-4000: You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations:\n\nNone.\n\n## References:\n\n * [Complete CVSS v2 Guide](<http://www.first.org/cvss/v2/guide.html>)\n * [On-line Calculator v2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information:** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n04 December 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-31T02:25:02", "type": "ibm", "title": "Security Bulletin: Logjam vulnerability affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-01-31T02:25:02", "id": "F9EFAE3997751EBA3F424A5BB2FD2E363B1B5FD9F0DEA633898CB60CCE16DCB5", "href": 
"https://www.ibm.com/support/pages/node/868288", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:52:05", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Systems Director.\n\n## Vulnerability Details\n\n## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Systems Director.\n\n**Vulnerability Details**\n\n**CVE-ID:** [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\n**Description:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <http://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected products and versions\n\nFrom the IBM System Director command line enter **smcli lsver** to determine the level of IBM System Director installed.\n\nIBM Systems Director:\n\n * 5.2.x.x\n * 6.1.x.x\n * 6.2.0.x\n * 6.2.1.x\n * 6.3.0.0\n * 6.3.1.x\n * 6.3.2.x\n * 6.3.3.x\n * 6.3.5.0\n * 6.3.6.0\n\n## Remediation/Fixes\n\nFor Releases 5.2.x.x, 6.1.x.x IBM recommends upgrading to a fixed, supported version of the product.\n\nFollow the instructions mentioned under <http://www-947.ibm.com/support/entry/portal/support/> and search for Tech note **751206455** or \"June 2015 IBM Systems Director JRE Update\" to apply the fix for releases:\n\n * 6.2.0.x\n * 6.2.1.x\n * 6.3.0.0\n * 6.3.1.x\n * 6.3.2.x\n * 6.3.3.x\n * 
6.3.5.0\n * 6.3.6.0\n\n## Workarounds and Mitigations\n\nNone.\n\n## Reference\n\n * [Complete CVSS Guide](<http://www.first.org/cvss/cvss-guide.html>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n24 July 2015: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Systems Director (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "B37B3BA642C275DF87697C2DAEEDE515471CB52F52D5C4BC93F803E894945DAC", "href": "https://www.ibm.com/support/pages/node/867664", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:32", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Workload Deployer.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)\n\n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Workload Deployer version 3.1 and later\n\n## Remediation/Fixes\n\nThe solution is to apply the following IBM Workload Deployer fix to the deployed virtual machines. \n \n\n\nUpgrade the IBM Workload Deployer to the following fix level:\n\n_Product_\n\n| \n\n_VRMF_\n\n| \n\n_Remediation/First Fix_ \n \n---|---|--- \nIBM Workload Deployer System| Release V3.1.0.7| V3.1.0.7 Interim fix8, \n \n[_http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix8-IBM_Workload_Deployer&includeSupersedes=0_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Workload+Deployer&release=3.1.0.7&platform=All&function=fixId&fixids=3.1.0.7-ifix8-IBM_Workload_Deployer&includeSupersedes=0>) \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
## Workarounds and Mitigations

None

Bulletin record: Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Workload Deployer (CVE-2015-4000). Published: 2018-06-15. Source: <https://www.ibm.com/support/pages/node/534537>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Internet Passthru (CVE-2015-4000)

Published: 2018-06-15. Source: <https://www.ibm.com/support/pages/node/529183>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM WebSphere MQ Internet Pass-thru (MQIPT).

## Vulnerability Details

**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

The affected ciphersuite is available in all versions of IBM WebSphere MQ Internet Pass-thru (MQIPT) prior to 2.1.0.2.

## Remediation/Fixes

**SupportPac MS81: IBM WebSphere MQ Internet Pass-Thru**
Users of IBM WebSphere MQ Internet Pass-Thru 2.1.0.1, 2.0 and older releases should first upgrade to [_IBM WebSphere MQ Internet Pass-Thru 2.1.0.2_](<http://www.ibm.com/support/docview.wss?uid=swg24006386>).

## Workarounds and Mitigations

None.

# Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2015-4000)

Published: 2018-06-15. Source: <https://www.ibm.com/support/pages/node/528641>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

IBM WebSphere Application Server is shipped as a component of IBM Business Monitor. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

## Vulnerability Details

Consult the security bulletin [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) for vulnerability details and information about fixes.

## Affected Products and Versions

IBM Business Monitor V8.5.5 and V8.5.6

IBM Business Monitor V8.0.1.3

IBM Business Monitor V7.5.1.2

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Operational Decision Manager (CVE-2015-4000)

Published: 2018-06-15. Source: <https://www.ibm.com/support/pages/node/528291>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Operational Decision Manager.

## Vulnerability Details

**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

**IBM Operational Decision Manager: all versions**

## Remediation/Fixes

None.

## Workarounds and Mitigations

There is NO mitigation if any of the EXPORT ciphers have been enabled. EXPORT cipher suites are vulnerable to the FREAK and LOGJAM vulnerabilities with NO mitigation possible. Do NOT enable these ciphers without a complete understanding of the environment.

For all others, consider implementing one of the mitigation methods described below.

**Java 5 and Java 6 Mitigation:**

1. Do not explicitly enable the DH or DHE cipher suite(s) via the setEnabledCipherSuites() method.
2. For HttpsURLConnection, set the https.cipherSuites system property to a list that does not include DH or DHE cipher suites.
3. Configure SP800-131a strict compliance or any Suite B configuration.

NOTE: For those who use the JVM defaults or the default list of ciphers provided by the JVM there is NO mitigation; you need to apply the upcoming iFix, which will enforce a minimum 768-bit prime size for DH and DHE cipher suites and resolve the problem.

**Java 7 and Java 8 Mitigation:**

1. Disable the DH and DHE cipher suites. This can be achieved by adding the DH and DHE cipher suites to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file (jre/lib/security/java.security), e.g.:

   `jdk.tls.disabledAlgorithms=SSLv3, RC4, DH, DHE`

2. Do not explicitly enable the DH or DHE cipher suite(s) via the setEnabledCipherSuites() method.
3. For HttpsURLConnection, set the https.cipherSuites system property to a list that does not include DH or DHE cipher suites.
4. Configure SP800-131a strict compliance or any Suite B configuration.

NOTE: For those who use the JVM defaults or the default list of ciphers provided by the JVM there is NO mitigation; you need to apply the upcoming iFix, which will enforce a minimum 768-bit prime size for DH and DHE cipher suites and resolve the problem.

# Security Bulletin: Vulnerability in DHE key exchange algorithm affects IBM UrbanCode Deploy (CVE-2015-4000)

Published: 2018-06-17. Source: <https://www.ibm.com/support/pages/node/527815>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

SSL cipher suites using non-Elliptic Curve Diffie-Hellman key exchange algorithms with key sizes of less than 1024 bits are vulnerable to man-in-the-middle attacks. Previous versions of the IBM UrbanCode Deploy server left these cipher suites enabled.

## Vulnerability Details

**CVE ID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**Description**: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT cipher suite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic.

This vulnerability is commonly referred to as "Logjam".

**CVSS Base Score:** 4.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score
**CVSS Environmental Score*:** Undefined
**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

IBM UrbanCode Deploy 6.0, 6.0.1, 6.0.1.1, 6.0.1.2, 6.0.1.3, 6.0.1.4, 6.0.1.5, 6.0.1.6, 6.0.1.7, 6.0.1.8, 6.1, 6.1.0.1, 6.1.0.2, 6.1.0.3, 6.1.0.4, 6.1.1, 6.1.1.1, 6.1.1.2, 6.1.1.3, 6.1.1.4, and 6.1.1.5 on all supported platforms and all currently available versions of Java.

IBM UrbanCode Deploy with Patterns is not affected by this vulnerability.

## Remediation/Fixes

For all affected versions of IBM UrbanCode Deploy 6.0.x, upgrade to [IBM UrbanCode Deploy 6.0.1.9](<http://www.ibm.com/support/docview.wss?uid=swg24040130>) or later.

For all affected versions of IBM UrbanCode Deploy 6.1.x, upgrade to [IBM UrbanCode Deploy 6.1.1.6](<http://www.ibm.com/support/docview.wss?uid=swg24040144>) or later.

## Workarounds and Mitigations

If Oracle or IBM Java 7 or 8 is used on the server, edit the **jdk.tls.disabledAlgorithms** property in `<Java Home>/lib/security/java.security`.

Example:

`jdk.tls.disabledAlgorithms=SSLv3, DH, DHE`

# Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)

Published: 2018-06-16. Source: <https://www.ibm.com/support/pages/node/531883>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected.

## Vulnerability Details

**CVEID**: [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION**: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

The following IBM Intelligence Analysis Platform versions may be affected:

 * Version 3.0.11.0
 * Version 3.0.9

## Remediation/Fixes

You should apply the correct Interim Fix as noted below for the IBM SDK Java Technology Edition. You will also need to update your java.security file to add:

`jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize <768`

Adding this line to the java.security file will disable the features exploited by the POODLE, RC4 (Bar Mitzvah), and Logjam vulnerabilities.

The java.security file must be updated on the client side with the DH keySize so that it is not vulnerable to the Logjam attack. Although WebSphere Application Server has disabled these ciphers and protocols by default, having RC4 and SSLv3 disabled in the java.security file is good practice since it will stop any attempt at using them.

For V3.0.11.0, apply the following fix:

 * [IBM i2 Intelligence Analysis Platform 3.0.11 Fix Pack 1 Download](<http://www-01.ibm.com/support/docview.wss?uid=swg24040327>)

For V3.0.9 Windows, apply the following fix:

 * [IBM i2 Intelligence Analysis Platform 3.0.9 Fix Pack 1 Windows Download](<http://www-01.ibm.com/support/docview.wss?uid=swg24040326>)

For V3.0.9 Linux, apply the following fix:

 * [IBM i2 Intelligence Analysis Platform 3.0.9 Fix Pack 1 Linux Download](<http://www-01.ibm.com/support/docview.wss?uid=swg24040328>)

## Workarounds and Mitigations

The Logjam attack, which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol, may affect some configurations in WebSphere Application Server.

Refer to the 'Workarounds and Mitigations' section of the IBM WebSphere Application Server security bulletin for full details of available workarounds and mitigations:
<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Manager FastBack for Workstations (CVE-2015-4000)

Published: 2018-06-17. Source: <https://www.ibm.com/support/pages/node/530059>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Tivoli Storage Manager FastBack for Workstations. The TSM FastBack for Workstations Central Administration Console (CAC) has a security vulnerability in the underlying IBM WebSphere and IBM WebSphere Liberty Server.

## Vulnerability Details

**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

The following versions of Tivoli Storage Manager for Workstations Central Administration Console are affected:
7.1.0.0 through 7.1.2.n
6.3.0.0 through 6.3.1.0

## Remediation/Fixes

**Tivoli Storage Manager FastBack for WorkStations Central Administration Console**

**Release** | **First Fixing VRMF Level** | **Client Platform** | **Link to Fix / Fix Availability Target**
---|---|---|---
7.1 | 7.1.3.0 | Windows x86 | [7.1.3.0-TIV-FB4WKSTNS-CAC-x86_windows](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x86_windows&includeSupersedes=0&source=fc>)
7.1 | 7.1.3.0 | Windows x64 | [7.1.3.0-TIV-FB4WKSTNS-CAC-x64_windows](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ETivoli&product=ibm/Tivoli/Tivoli+Storage+Manager+FastBack+for+Workstations&release=All&platform=Windows&function=fixId&fixids=7.1.3.0-TIV-FB4WKSTNS-CAC-x64_windows&includeSupersedes=0&source=fc>)
6.3 | 6.3.1.1 | Windows | [6.3.1.1-TIV-FB4WKSTNS-CAC_windows](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Storage+Manager+FastBack+for+Workstations&fixids=6.3.1.1-TIV-FB4WKSTNS-CAC_windows&source=SAR>)

## Workarounds and Mitigations

Tivoli Storage Manager FastBack for Workstations Central Administration Console

**Version 6.3, 7.1.0**

You will need to remove any of the ciphers that begin with SSL_* or TLS_* and contain DH or DHE in the name from your WebSphere Application Server SSL configuration.

To change the settings in the administrative console, click **Security > SSL certificate and key management**. Under Configuration settings, click **Manage endpoint security configurations > {Inbound | Outbound} > _ssl_configuration_**. Under Related items, click **SSL configurations**, then click {_SSL_configuration_name_}. Under **Additional Properties**, click **Quality of protection (QoP) settings**.
Restart the Tivoli Integrated Portal Service after saving the setting above.

**Version 7.1.1, 7.1.2**

1. Open the java.security file for editing. The file is located in the Tivoli Storage Manager FastBack for Workstations Central Administration Console install directory under `java\jre\lib\security`.
2. Add the following line, or add these ciphers to the existing list: `jdk.tls.disabledAlgorithms=DH, DHE`
3. In Control Panel -> Administrative Tools -> Services, stop and then restart the TSM FastBack for Workstations Central Administration Console service.

At this point the application will not allow DH or DHE ciphers. You should verify that applying this configuration change does not cause any compatibility issues. Not disabling the DH or DHE ciphers will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the DH or DHE ciphers and take appropriate mitigation and remediation actions.

# Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere Cast Iron (CVE-2015-4000)

Published: 2019-11-18. Source: <https://www.ibm.com/support/pages/node/532583>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM WebSphere Cast Iron.

## Vulnerability Details

**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

This vulnerability affects all versions of the product:

 * WebSphere Cast Iron v 7.0.0.x
 * WebSphere Cast Iron v 6.4.0.x
 * WebSphere Cast Iron v 6.3.0.x
 * WebSphere Cast Iron v 6.1.0.x

## Remediation/Fixes

_Product_ | _VRMF_ | _APAR_ | _Remediation/First Fix_
---|---|---|---
Cast Iron Appliance | 7.* | LI78661 | [iFix 7.0.0.2-CUMUIFIX-016](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=7.0.0.2&platform=All&function=fixId&fixids=7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.scrypt2,7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.vcrypt2,7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.32bit.sc-linux,7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.32bit.sc-win,7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.sc-linux,7.0.0.2-WS-WCI-20150713-1805_H8_64-CUMUIFIX-016.sc-win,7.0.0.2-WS-WCI-20150713-1805_H11_64-CUMUIFIX-016.32bit.studio,7.0.0.2-WS-WCI-20150713-1805_H11_64-CUMUIFIX-016.studio&includeSupersedes=0>)
Cast Iron Appliance | 6.4.0.x | LI78661 | [iFix 6.4.0.1-CUMUIFIX-031](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.4.0.1&platform=All&function=fixId&fixids=6.4.0.1-WS-WCI-20150715-1335_H4-CUMUIFIX-031.scrypt2,6.4.0.1-WS-WCI-20150715-1335_H4-CUMUIFIX-031.vcrypt2,6.4.0.1-WS-WCI-20150625-1151_H5-CUMUIFIX-031.studio&includeSupersedes=0>)
Cast Iron Appliance | 6.3.0.x | LI78661 | [iFix 6.3.0.2-CUMUIFIX-016](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.3.0.2&platform=All&function=fixId&fixids=6.3.0.2-WS-WCI-20150716-1106_H6-CUMUIFIX-016.scrypt2,6.3.0.2-WS-WCI-20150716-1106_H6-CUMUIFIX-016.vcrypt2,6.3.0.2-WS-WCI-20150716-1106_H3-CUMUIFIX-016.studio&includeSupersedes=0>)
Cast Iron Appliance | 6.1.0.x | LI78661 | [iFix 6.1.0.15-CUMUIFIX-022](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Cast+Iron+Cloud+integration&release=6.1.0.15&platform=All&function=fixId&fixids=6.1.0.15-WS-WCI-20150720-0705_H6-CUMUIFIX-022.scrypt2,6.1.0.15-WS-WCI-20150720-0705_H6-CUMUIFIX-022.vcrypt2,6.1.0.15-WS-WCI-20150720-0706_H5-CUMUIFIX-022.studio&includeSupersedes=0>)

"You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions."

# Security Bulletin: A security vulnerability has been identified in multiple products shipped with Predictive Customer Intelligence (CVE-2015-4000)

Published: 2020-02-11. Source: <https://www.ibm.com/support/pages/node/530855>. Aggregator scores: CVSS v2 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N); CVSS v3 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

## Summary

WebSphere Application Server, Cognos Business Intelligence, Integration Bus, and WebSphere MQ are shipped as components of Predictive Customer Intelligence. Information about a security vulnerability affecting WebSphere Application Server, Cognos Business Intelligence, Integration Bus, and WebSphere MQ has been published in a security bulletin.

## Vulnerability Details

Please consult the security bulletins:

[_Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Business Intelligence (CVE-2015-4000)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21959671>)

[_Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>)

[_Vulnerability in Diffie-Hellman ciphers known as Logjam affects IBM WebSphere Message Broker and IBM Integration Bus (CVE-2015-4000)_](<http://www.ibm.com/support/docview.wss?uid=swg21958955>)

[_Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Telemetry (CVE-2015-4000)_](<http://www-01.ibm.com/support/docview.wss?uid=swg21958984>)

for vulnerability details and information about fixes.

## Affected Products and Versions

**Principal Product and Version(s)** | **Affected Supporting Product and Version**
---|---
IBM Predictive Customer Intelligence 1.0 | IBM Cognos Business Intelligence Server 10.2.1.1; WebSphere Application Server 8.5.5 ND; Integration Bus 9.0.0.1; WebSphere MQ 7.5.0.2
IBM Predictive Customer Intelligence 1.0.1 | IBM Cognos Business Intelligence Server 10.2.1.1; WebSphere Application Server 8.5.5 ND; Integration Bus 9.0.0.1; WebSphere MQ 7.5.0.2

---

## Summary

The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Tealeaf Customer Experience.

## Vulnerability Details

**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)
**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT cipher suite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

## Affected Products and Versions

IBM Tealeaf Customer Experience: v8.0-v9.0.2

## Remediation/Fixes

Product | VRMF | Remediation/First Fix
---|---|---
IBM Tealeaf Customer Experience | 9.0.2A | PCA: [9.0.2A_IBMTealeaf_PCA-3732-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2A_IBMTealeaf_PCA-3732-4_SecurityRollup_FixPack>); Tealeaf CX: [9.0.2.5168_9.0.2A_IBMTealeaf_CXUpgrade_FixPack2](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.5168_9.0.2A_IBMTealeaf_CXUpgrade_FixPack2>)
IBM Tealeaf Customer Experience | 9.0.2 | PCA: [9.0.2_IBMTealeaf_PCA-3682-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2_IBMTealeaf_PCA-3682-4_SecurityRollup_FixPack>); Tealeaf CX: [9.0.2.1118_IBMTealeaf_CXUpgrade_FixPack2](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.2.1118_IBMTealeaf_CXUpgrade_FixPack2>)
IBM Tealeaf Customer Experience | 9.0.1A | PCA: [9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1A_IBMTealeaf_PCA-3724-4_SecurityRollup_FixPack>); Tealeaf CX: [9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.5091_9.0.1A_IBMTealeaf_CXUpgrade_FixPack4>)
IBM Tealeaf Customer Experience | 9.0.1 | PCA: [9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1_IBMTealeaf_PCA-3673-4_SecurityRollup_FixPack>); Tealeaf CX: [9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=9.0.1.1097_IBMTealeaf_CXUpgrade_FixPack4>)
IBM Tealeaf Customer Experience | 9.0.0, 9.0.0A | You can contact the [_Technical Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance.
IBM Tealeaf Customer Experience | 8.8 | PCA: [8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8_IBMTealeaf_PCA-3625-4_SecurityRollup_FixPack>); Tealeaf CX: [8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.8.0.9034_IBMTealeaf_CXUpgrade_FixPack8>)
IBM Tealeaf Customer Experience | 8.7 | PCA: [8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7_IBMTealeaf_PCA-3615-4_SecurityRollup_FixPack>); Tealeaf CX: [8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9](<https://www.ibm.com/support/entry/portal/search_results?sn=spe&filter=keywords:ibmsupportfixcentralsearch&q=8.7.1.8830_IBMTealeaf_CXUpgrade_FixPack9>)
IBM Tealeaf Customer Experience | 8.6 and earlier | You can contact the [_Technical Support_](<http://www.ibm.com/software/marketing-solutions/tealeaf/support>) team for guidance.

For v9.0.0, 9.0.0A, and versions before v8.7, IBM recommends upgrading to a later supported version of the product.
You should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above.
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nPCA: In addition to applying the fix pack above, you must update the /opt/tealeaf/etc/httpd.conf file, changing the line beginning \u201cSSLCipherSuite\u201d by adding the string \u201c:!DHE:!EDH\u201d so that it reads: \n\nSSLCipherSuite ALL:!ADH:!EXP:!RC4:+HIGH:+MEDIUM:!DHE:!EDH\n\nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T19:45:14", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tealeaf Customer Experience (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T19:45:14", "id": "784767FFE80144C9433F33E9F5E7E914E5CDFF130540E69102043AD4AC9AEA12", "href": "https://www.ibm.com/support/pages/node/528229", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:53:59", "description": "## Summary\n\nIBM Spectrum Protect Backup-Archive Client web user interface, IBM Spectrurm Protect for Space Management, and IBM Spectrum Protect for Virtual Environments are vulnerable to Logjam (CVE-2015-4000).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n** DESCRIPTION: **The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score. 
\nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Backup-Archive Client| 8.1.7.0-8.1.9.1 (Linux and Windows) \n8.1.9.0-8.1.9.1 (AIX) \nIBM Spectrum Protect for Space Management| 8.1.7.0-8.1.9.1 (Linux) \n8.1.9.0-8.1.9.1 (AIX) \nIBM Spectrum Protect for Virtual Environments: Data Protection for VMware| 8.1.0.0-8.1.9.1 (Linux and Windows) \n7.1.0.0-7.1.8.8 (Linux and Windows) \nIBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V| 8.1.4.0-8.1.9.0 (Windows) \n \n## Remediation/Fixes\n\n**_Spectrum Protect \nBackup-Archive Client Release_**| **_First Fixing \nVRM Level_**| **_APAR \n_**| **_Platform_**| **_Link to Fix_** \n---|---|---|---|--- \n8.1| 8.1.10| IT32317| AIX \nLinux \nWindows| <https://www.ibm.com/support/pages/node/6223388> \n \n**_Spectrum Protect for \nSpace Management \nRelease_**| **_First Fixing \nVRM Level_**| **_Platform_**| **_Link to Fix_** \n---|---|---|--- \n8.1| 8.1.10| AIX \nLinux| <https://www.ibm.com/support/pages/node/5737761> \n \n**_Spectrum Protect for \nVirtual Environments: \nData Protection for VMware Release_**| **_First Fixing \nVRM Level_**| **_APAR \n_**| **_Platform_**| **_Link to Fix_** \n---|---|---|---|--- \n8.1| 8.1.10| IT31577| Linux \nWindows| <https://www.ibm.com/support/pages/node/5693319> \n7.1| 7.1.8.9| IT31577| Linux \nWindows| <https://www.ibm.com/support/pages/node/316625> \n \n**_Spectrum Protect for \nVirtual Environments: \nData Protection for Hyper-V \nRelease_**| **_First Fixing \nVRM Level_**| **_APAR \n_**| **_Platform_**| **_Link to Fix_** \n---|---|---|---|--- \n8.1| 8.1.10| IT32315| Linux| <https://www.ibm.com/support/pages/node/5693319> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", 
"availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-07-16T06:39:01", "type": "ibm", "title": "Security Bulletin: IBM Spectrum Protect Backup-Archive Client web user interface, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments are vulnerabile to Logjam (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-07-16T06:39:01", "id": "3178FA6550D0CA5B7581AFF56C262B6690B66E92C74AD43816F432ADEEC8DBD8", "href": "https://www.ibm.com/support/pages/node/6245366", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:41", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM MQ Light.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. 
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThe vulnerabilities affect users of IBM MQ Light V1.0 and V1.0.0.1 on all platforms.\n\n## Remediation/Fixes\n\nDownload and install the latest MQ Light Server appropriate for your platform from <https://developer.ibm.com/messaging/mq-light/>. \n \nThe following link describes how to re-use the data from your existing installation: _ \n_[_http://www.ibm.com/support/knowledgecenter/SSBJCR_1.0.0/com.ibm.mq.koa.doc/tmql_data.htm _](<http://www.ibm.com/support/knowledgecenter/SSBJCR_1.0.0/com.ibm.mq.koa.doc/tmql_data.htm>).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:13", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM MQ Light (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, 
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:13", "id": "01C7613943F3CC591C048E0D1322B74B2DBB71CC405DB2130F22513D3B3C07A6", "href": "https://www.ibm.com/support/pages/node/528453", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-09-16T22:02:42", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects TS2900.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nFirmware versions below 0039.\n\n## Remediation/Fixes\n\nUpdate to firmware version 0039 or greater. \n \nAs the length of the server key size is increased, the amount of CPU required for full TLS/SSL handshake can significantly increase. Please carefully test and assess the impact to your CPU requirements to ensure sufficient CPU resources, otherwise the system availability may be impacted. 
\nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-03-26T01:04:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects TS2900 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2023-03-26T01:04:50", "id": "BE5D938F4770D0AA90226E100E61C45C5FF16095FD13548582099E2D2BD7CA8C", "href": "https://www.ibm.com/support/pages/node/690521", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:00:47", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers affects IBM License Metric Tool and IBM Endpoint 
Manager for Software Use Analysis.\n\n## Vulnerability Details\n\n**CVEID**: [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION**: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM License Metric Tool v9 \n\nIBM Endpoint Manager for Software Use Analysis v9\n\n## Remediation/Fixes\n\nUpgrade to version 9.2.1.0 or newer. \n\nIn order to upgrade to version 9.2.1.0 or newer:\n\n * In IBM Endpoint Manager console, expand **IBM License Reporting** or **IBM BigFix Inventory** node under **Sites** node in the tree panel.\n * Click **Fixlets and Tasks** node. **Fixlets and Tasks** panel will be displayed on the right.\n * In the **Fixlets and Tasks** panel locate _Upgrade to the newest version of License Metric Tool 9.x_ or _Upgrade to the newest version of IBM BigFix Inventory 9.x_ fixlet and run it against the computer that hosts your IBM License Metric Tool or IBM Endpoint Manager for Software Use Analysis server.\n \nNote: In an airgapped environment, you have to run BESAirgapTool and BESDownloadCacher first in order to update your site. \n\n## Workarounds and Mitigations\n\nIn order to mitigate the vulnerability, limit the available ciphersuites using the following procedure: \n\n 1. Stop the server\n 2. Locate and edit server's _server.xml_ file. 
It is located in _<server_installation_dir>\\wlp\\usr\\servers\\server1_.\n 3. Add the following attribute to _ssl_ stanza:\n \n \nenabledCiphers=\"TLS_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_AES_128_GCM_SHA256 \nTLS_RSA_WITH_AES_128_CBC_SHA256 SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_ \n128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\" \n\nYour _ssl _stanza may look similar to the following after the change:\n\n \n<ssl clientAuthenticationSupported='false' id='defaultSSLConfig' keyStoreRef='defaultKeyStore' \nenabledCiphers=\"TLS_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_AES_128_GCM_SHA256 \nTLS_RSA_WITH_AES_128_CBC_SHA256 SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_ \n128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\"/> \n \n4\\. Save the file and restart the server. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-19T23:26:06", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Helman ciphers affects IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-08-19T23:26:06", "id": "D3F2B69F6CA64D919AA9D68D5F3A3B4FF3FDD6E6FE626B4BDC20A3144536C410", "href": "https://www.ibm.com/support/pages/node/528789", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:25", "description": "## Summary\n\n \nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. \n \nIBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about this security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. 
\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n \n\n\n_Principal Product and Version(s)_| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 4.2.x| WebSphere 6.1 \nTivoli Business Service Manager 6.1.x| WebSphere 7.0 \n \n\n\n## Remediation/Fixes\n\n \n\n\n_Principal Product and Version(s)_| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 4.2.x| WebSphere 6.1 \n \nUpgrade to WebSphere Application Server Fix Pack 6.1.0.47 \n\n * Then apply Interim Fix [_PI42779_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040182>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24037458>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035396>)[](<http://www.ibm.com/support/docview.wss?uid=swg24034996>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24034418>): Will upgrade you to IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 11 (which includes IV73962)\n \nSee Websphere Application Server Security Bulletin for more details: <http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \nTivoli Business 
Service Manager 6.1.x| WebSphere 7.0 \n \nUpgrade to WebSphere Application Server Fix Pack 7.0.0.31 or later then apply the interim fix below: \n\n * Apply Interim Fix [_PI42778_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040145>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24039964>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24039694>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24039292>):[](<http://www-01.ibm.com/support/docview.wss?uid=swg24038816>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24038094>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24037515>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24036968>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24036504>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24035397>)[](<http://www.ibm.com/support/docview.wss?uid=swg24034997>)[](<http://www-01.ibm.com/support/docview.wss?uid=swg24034443>) Will upgrade you to IBM SDK, Java Technology Edition, Version 6 Service Refresh 16[](<http://www-01.ibm.com/support/docview.wss?uid=swg24033359>) Fix Pack 4 +IX90162+IV73934\n \nSee Websphere Application Server Security Bulletin for more details: <http://www-01.ibm.com/support/docview.wss?uid=swg21957980> \n \n## Workarounds and Mitigations\n\n \nRefer to the \"Full Profile\" portion in the \"Workarounds and Mitigation\" section of the Websphere Application Server Security Bulletin: <http://www-01.ibm.com/support/docview.wss?uid=swg21957980>\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:28", "type": "ibm", "title": "Security Bulletin: Vulnerability 
in Diffie-Hellman ciphers affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:28", "id": "C6222D8B5C5089ED0DA3DCBECFD071DAB2872D5C2C2038747C9C671477028135", "href": "https://www.ibm.com/support/pages/node/529319", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:08:56", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Tivoli Storage Productivity Center. \n \nUPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has been provided in IBM Spectrum Control. \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\nTivoli Storage Productivity Center 5.2.0 through 5.2.6 \nTivoli Storage Productivity Center 5.1.0 through 5.1.1.7 \n \nThe versions listed above apply to all licensed offerings of Tivoli Storage Productivity Center, including IBM SmartCloud Virtual Storage Center Storage Analytics Engine. \n \nThe following versions are NOT affected: \n\n * Tivoli Storage Productivity Center 4.2.x\n * Tivoli Storage Productivity Center 4.1.x\n * TotalStorage Productivity Center 3.3.x\n\nUPDATED 1/29/2018: New installations of IBM Spectrum Control 5.2.15 contain a more comprehensive fix. Older and upgraded installations can apply the more comprehensive fix by upgrading to 5.2.16. \n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate Tivoli Storage Productivity Center fix maintenance for each named product. The solution should be implemented as soon as practicable. (See [_Latest Downloads_](<http://www.ibm.com/support/docview.wss?uid=swg21320822>).) 
\n\n\n**Affected TPC Version**| **APAR**| **Fixed TPC Version**| **Availability** \n---|---|---|--- \n5.2.x| IT10948| 5.2.7| August 2015 \n5.1.x| IT10948| 5.1.1.8| July 2015 \n \nUPDATED 1/29/2018: Apply a more comprehensive fix by upgrading to IBM Spectrum Control 5.2.16 (March 2018) or by upgrading to IBM Spectrum Control 5.2.15 and following the local fix for APAR [IT23276](<http://www.ibm.com/support/docview.wss?uid=swg1IT23276>).\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-22T19:50:07", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-02-22T19:50:07", "id": "90B187AAB18271430FE3CD85277543D3D711DFD634CA7A0214510FF1F866C460", "href": "https://www.ibm.com/support/pages/node/530919", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:38:18", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects 
Rational Synergy\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n\u00b7 Rational Synergy release 7.2.1.3 ifix02 or earlier. \n\u00b7 Rational Synergy release 7.2.0.7 ifix01 or earlier. \n\n## Remediation/Fixes\n\n_Product_\n\n| \n_VRMF_| \n_APAR_| \n_Remediation/First Fix_ \n---|---|---|--- \n \n_Rational Synergy_| \n**_7.2.0.x and 7.2.1.x_**| \n_N/A_| Replace the JRE used in Rational Synergy. \n \n**Steps to download and replace JRE in Rational Synergy:** \n1\\. Open the list of [_Synergy downloads on Fix Central_](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/Rational+Synergy&release=All&platform=All&function=all&source=fc>) \n2\\. 
Select the SDK and Readme for Rational Synergy that applies to your release, as follows: \n\n \n**Note:** The fix uses the following naming convention: \n**_<V.R.M.F>_** _-Rational-RATISYNE-JavaSE-SDK-6.0.16.5-_ **_<platform>_** \n \n**Where** <V.R.M.F> = release **and** <platform> = operating system \n \no Rational Synergy 7.2.1 (uses the 7.2.1.3 release designation) \nExample: **7.2.1.3-Rational-RATISYNE-JavaSE-SDK-6.0.16.5-Linux** \n \no Rational Synergy 7.2.0 (uses the 7.2.0.7 release designation) \nExample: **7.2.0.7-Rational-RATISYNE-JavaSE-SDK-6.0.16.5-Windows** \n3\\. Follow the steps in the [_Install instructions_](<http://www.ibm.com/support/docview.wss?uid=swg27042896>) to replace the JRE. \nIf your Synergy platform is HP-UX, follow the steps in the [_HPUX_Install Instructions_](<http://www.ibm.com/support/docview.wss?uid=swg27045456>) to replace the JRE instead. \n \n_For Rational Synergy 7.1.0.x, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n \n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n \n**To verify that Synergy has a JRE version that addresses this vulnerability:** \nOpen a command prompt. \n**Unix:** \nGo to the $CCM_HOME/jre/bin folder \nExecute ./java -version \n**Windows:** \nGo to the %CCM_HOME%\\jre\\bin folder \nExecute java -version \n \nIf the service level reported in the output is SR16 FP5 or later, the runtime area has a JRE that addresses this vulnerability. 
\n** \nExample**:- \njava version \"1.6.0\" \nJava(TM) SE Runtime Environment (build pwi3260sr16fp5-20150602_01(SR16 FP5)) \nIBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows 7 x86-32 jvmwi3260sr16fp4-201 \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-12-22T18:05:37", "type": "ibm", "title": "Security Bulletin:Vulnerability in Diffie-Hellman ciphers affects Rational Synergy (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-12-22T18:05:37", "id": "5F5982BCDCCD1BEEE011D85865D8E1FA5890F598765753DCC1F84A5EE6600B63", "href": "https://www.ibm.com/support/pages/node/529181", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:49:11", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Rational Directory Server.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain 
sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Product**| **Version** \n---|--- \nRational Directory Server (Tivoli)| 5.2 - 5.2.1_iFix007 \nRational Directory Server (Apache)| 5.1.1 - 5.1.1.2_iFix008 \n \n## Remediation/Fixes\n\n**Product**| **Download link** \n---|--- \nIBM Rational Directory Server 5.2 (Tivoli) and above| [_RDS_5.2.1_iFix08_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040162>) \nIBM Rational Directory Server 5.1.1 (Apache) and above| [_RDS_5.1.1.2_iFix09_](<http://www-01.ibm.com/support/docview.wss?uid=swg24040161>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T05:03:06", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Directory Server (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": 
false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T05:03:06", "id": "64E4AD96490F998C6406C0F2414B26B1CD38242CD841B6F0B8AA84C8781F01D3", "href": "https://www.ibm.com/support/pages/node/528235", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:39:32", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Rational Application Developer for WebSphere Software\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nRational Application Developer 9.1.1 and earlier.\n\n## Remediation/Fixes\n\nUpdate the Java Development Kit of the product to address this vulnerability: \n \n\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nRational Application Developer| 8.0 through 9.1.1| PI45572| \n\n * For all versions, apply [IBM SDK Java Technology Edition Critical Patch Update - April 2015, RC4 Bar Mitzvah Attack for SSL/TLS, and Logjam vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg24040408>).\n * For the WebSphere Application Server 7.0 Test Environment, apply [WebSphere Application Server 7.0 Test Environment Extension Fix Pack 37u1 (7.0.0.37u1)](<http://www.ibm.com/support/docview.wss?uid=swg24040433>)\n * For WebSphere Application Server version 8.0 and 8.5 used by the product, see [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) \nRational Agent Controller| 7.0 through to 9.1.1| PI45572| \n\n * Apply [Rational Agent Controller FixPack 2 (9.1.1.2) for 9.1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24040414>) \nRational Build Utility| 8.0 through to 9.1.1| PI45572| \n\n * For use on Windows or Linux: apply [IBM SDK Java Technology Edition Critical Patch Update - April 2015, RC4 Bar Mitzvah Attack for SSL/TLS, and Logjam vulnerabilities](<http://www.ibm.com/support/docview.wss?uid=swg24040408>).\n * For use on System z:\n * Version 8.0: Apply the latest [Java Technology Edition, V6.0.0 PTF](<http://www-03.ibm.com/systems/z/os/zos/tools/java/>).\n * Version 8.5, 9.0 and 9.1: 
Apply the latest [Java Technology Edition, V7.0.0](<http://www-03.ibm.com/systems/z/os/zos/tools/java/>). \n \n## Workarounds and Mitigations\n\nNone. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-02-05T00:09:48", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Application Developer for WebSphere (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2020-02-05T00:09:48", "id": "BD8C62C76841FE9A4868BF425316D594411D32647FBA50D978D31C561C8BF18C", "href": "https://www.ibm.com/support/pages/node/533551", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2023-06-24T06:09:46", "description": "## Summary\n\nIBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam (CVE-2015-4000)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n** DESCRIPTION: **The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Snapshot for VMware| 4.1.0.0-4.1.6.9 \n \n## Remediation/Fixes\n\n**_Spectrum Protect Snapshot \nfor VMware Release_**| **_First Fixing \nVRM Level_**| **_Platform_**| **_Link to Fix_** \n---|---|---|--- \n4.1| 4.1.6.10| Linux| <https://www.ibm.com/support/pages/node/6218870> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-02-01T11:37:31", "type": "ibm", "title": "Security Bulletin: IBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam (CVE-2015-4000)", 
"bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-02-01T11:37:31", "id": "C847EA33C7950732EFA671EB689209F5059DA3AD7C15C24FAFBCFD0BAAFEC481", "href": "https://www.ibm.com/support/pages/node/6220314", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:40", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM SOA Policy Gateway Pattern for Red Hat Enterprise Linux Server 2.5.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM SOA Policy Gateway Pattern for Red Hat Enterprise Linux Server version 2.5\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nCustomers should follow the mitigation advice contained in the WebSphere Application Server security bulletin, located at [http://www.ibm.com/support/docview.wss?uid=swg21957980](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) .\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:13", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM SOA Policy Gateway Pattern for Red Hat Enterprise Linux Server 2.5 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:13", "id": 
"FFD69F78FD2C1A7E035E286C6E8A231F33B1AFC690BA2EEA961139EAD4951560", "href": "https://www.ibm.com/support/pages/node/528747", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:41", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM\u00ae WebSphere Real Time\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThis vulnerability affects IBM WebSphere Real Time Version 3 Service Refresh 9 and earlier releases\n\n## Remediation/Fixes\n\nThe fix for this vulnerability is included in IBM WebSphere Real Time Version 3 Service Refresh 9 Fix Pack 1 and subsequent releases. \n \nIBM customers should download WebSphere Real Time updates from [Fix Central](<http://www.ibm.com/support/fixcentral/>). \n \nIBM WebSphere Real Time releases can also be downloaded from [_developerWorks_](<http://www.ibm.com/developerworks/java/jdk/index.html>). \n \nThe APAR for this fix is [IV73934](<http://www.ibm.com/support/docview.wss?uid=swg1IV73934>). 
\n \nFurther information on the changes associated with this vulnerability can be found [here](<http://www-01.ibm.com/support/docview.wss?uid=swg21959956>). \n \nAs the server key length is increased, the CPU required for a full TLS/SSL handshake can increase significantly. Test carefully and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be affected.\n\n## Workarounds and Mitigations\n\nThe vulnerability can be mitigated by explicitly disabling DH and DHE ciphers, using one of the following options: \n\n\n * Disable DH and DHE cipher suites by adding DH and DHE to the list of disabled algorithms defined by the `jdk.tls.disabledAlgorithms` security property in the `java.security` file.\n * Ensure that DH or DHE cipher suites are not explicitly enabled via the setEnabledCipherSuites() method.\n * If using the javax.net.ssl.HttpsURLConnection API, set the `https.cipherSuites` system property so that it does not include DH or DHE cipher suites.\n * Configure SP800-131a strict compliance or any Suite B configuration.\n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
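The options above all come down to keeping finite-field DH and DHE suites out of the negotiable set while leaving ECDHE and RSA key exchange alone. The Python script below is an added example, not IBM code and not part of WebSphere Real Time or any other product on this page. It performs the `java.security` edit from the first option (the same edit the Operations Analytics - Predictive Insights bulletin on this page walks through by hand with vi), handles the cases a hand edit gets wrong (a backslash-continued value, a commented-out property, a file that is already fixed), builds a DH-free suite list for the `https.cipherSuites` property or `setEnabledCipherSuites()` while keeping ECDH/ECDHE suites, and parses `java -version` output for the SR16 FP5 service-level check the Rational Synergy bulletin describes. The sample `java.security` content and `java -version` output are constructed for the example; the `SSLv3, RC4` default value is the one quoted in the Predictive Insights bulletin.

```python
"""Logjam (CVE-2015-4000) mitigation helpers for IBM JRE-based products.

Added example, not IBM code. disable_dh() adds DH and DHE to
jdk.tls.disabledAlgorithms in java.security; strip_dh_suites() removes
finite-field DH/DHE suites from a cipher-suite list; synergy_jre_fixed()
checks `java -version` output for IBM Java 6 SR16 FP5 or later.
"""
import re

PROP = "jdk.tls.disabledAlgorithms"
DH_ENTRIES = ("DH", "DHE")  # the two names the bulletins say to add


def _logical_lines(lines):
    """Yield (start, end, text) over java.security lines, joining backslash continuations."""
    i = 0
    while i < len(lines):
        start, text = i, lines[i]
        while text.endswith("\\") and i + 1 < len(lines):
            i += 1
            text = text[:-1] + lines[i].strip()
        yield start, i, text
        i += 1


def _find_prop(lines):
    """Return (start, end, entries) of the active jdk.tls.disabledAlgorithms line, or None."""
    for start, end, text in _logical_lines(lines):
        s = text.strip()
        if s.startswith(("#", "!")):
            continue  # a commented-out property is not in effect
        key, sep, value = s.partition("=")
        if sep and key.strip() == PROP:
            return start, end, [e.strip() for e in value.split(",") if e.strip()]
    return None


def disabled_algorithms(java_security_text):
    """Entries of jdk.tls.disabledAlgorithms, or [] when the property is absent or commented out."""
    found = _find_prop(java_security_text.splitlines())
    return found[2] if found else []


def disable_dh(java_security_text):
    """Return java.security text with DH and DHE in jdk.tls.disabledAlgorithms.

    Existing entries keep their order, a continued value is collapsed onto one
    line, and running it on already-fixed text returns the text unchanged.
    """
    lines = java_security_text.splitlines()
    found = _find_prop(lines)
    if found is None:
        # Property missing entirely (or only present as a comment): append it.
        lines.append(f"{PROP}={', '.join(DH_ENTRIES)}")
        return "\n".join(lines) + "\n"
    start, end, entries = found
    present = {e.lower() for e in entries}
    missing = [e for e in DH_ENTRIES if e.lower() not in present]
    if not missing:
        return java_security_text  # already mitigated
    lines[start:end + 1] = [f"{PROP}={', '.join(entries + missing)}"]
    return "\n".join(lines) + "\n"


# TLS_DH_* and TLS_DHE_* are finite-field DH (what Logjam targets); the leading
# underscore keeps TLS_ECDH_* / TLS_ECDHE_* suites, which are not affected.
_FFDH_SUITE = re.compile(r"_DHE?_")


def strip_dh_suites(suites):
    """Return the suites that do not use finite-field DH/DHE key exchange."""
    return [s for s in suites if not _FFDH_SUITE.search(s)]


_BUILD = re.compile(r"Runtime Environment \(build [^)]*?sr(\d+)(?:fp(\d+))?", re.IGNORECASE)
_MAJOR = re.compile(r'java version "(\d+\.\d+)')


def ibm_jre_service_level(java_version_output):
    """(service_refresh, fix_pack) from an IBM JRE's `java -version` output, or None."""
    m = _BUILD.search(java_version_output)
    return (int(m.group(1)), int(m.group(2) or 0)) if m else None


def synergy_jre_fixed(java_version_output, minimum=(16, 5)):
    """True when an IBM Java 6 runtime reports SR16 FP5 or later; None if it is not Java 6.

    The Synergy bulletin's own sample output shows the "IBM J9 VM" line at a
    different fix pack than the Runtime Environment line, so the check keys on
    the Runtime Environment build string. Other Java majors have their own
    thresholds and are not judged against (16, 5).
    """
    major = _MAJOR.search(java_version_output)
    if not major or major.group(1) != "1.6":
        return None
    level = ibm_jre_service_level(java_version_output)
    return level is not None and level >= minimum


# Constructed sample inputs (not captured from a real system).
SAMPLE_JAVA_SECURITY = """\
securerandom.source=file:/dev/urandom
jdk.tls.disabledAlgorithms=SSLv3, RC4
jdk.certpath.disabledAlgorithms=MD2
"""

SAMPLE_JAVA_VERSION = """\
java version "1.6.0"
Java(TM) SE Runtime Environment (build pwi3260sr16fp5-20150602_01(SR16 FP5))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows 7 x86-32 jvmwi3260sr16fp4-20150602_01)
"""

if __name__ == "__main__":
    print(disable_dh(SAMPLE_JAVA_SECURITY), end="")
    print(strip_dh_suites(["TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
                           "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"]))
    print(synergy_jre_fixed(SAMPLE_JAVA_VERSION))
```

Run it against a copy of the product's `jre/lib/security/java.security` (keep the `java.security_orig` backup the Predictive Insights bulletin suggests) and restart the JVM; `disabled_algorithms()` on the edited file is the post-change check. Note that this only removes DH/DHE from what the JVM will negotiate; any cipher list set explicitly in application code or in `https.cipherSuites` still needs `strip_dh_suites()` applied, and reverting the file re-exposes the server.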
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM\u00ae WebSphere Real Time (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:12", "id": "798DF01FEC95844EBE37C895AD1124D6BC864FAD48501AEF94FBEFB186615380", "href": "https://www.ibm.com/support/pages/node/528867", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:46:56", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects the IBM Tivoli Storage Manager Client. However, the problem only manifests when the Tivoli Storage Manager Client is used as the IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware data mover. 
\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThis security exposure affects network connections between the Tivoli Storage Manager Client (IBM Spectrum Protect Client) and VMware services. However, the problem only manifests when the Tivoli Storage Manager Client is used in conjunction with Tivoli Storage Manager for Virtual Environments (IBM Spectrum Protect for Virtual Environments): Data Protection for VMware. 
Therefore, this exposure affects: \n\n * Tivoli Storage Manager Client levels 7.1.2.0 through 7.1.3.1 for the Windows and Linux x86 platforms.\n * Tivoli Storage Manager for Virtual Environments: Data Protection for VMware versions 7.1.2 and 7.1.3.\n \nNote: The Tivoli Storage Manager Client for Windows and Linux x86 is shipped within and used as the Data Protection for VMware data mover.\n\n## Remediation/Fixes\n\n**_Tivoli Storage Manager Client Release_**| **_Fixing VRM Level_**| **_Platform_**| **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n7.1| 7.1.4| Linux x86, Windows| [http://www.ibm.com/support/docview.wss?uid=swg24041094](<http://www-01.ibm.com/support/docview.wss?uid=swg24041094>) \n \nThis issue has also been fixed in Tivoli Storage Manager Client level 7.1.3.2. You can download and apply the 7.1.3.2 fix using this link: [http://www.ibm.com/support/docview.wss?uid=swg24041143](<http://www-01.ibm.com/support/docview.wss?uid=swg24041143>) \n \n**_Tivoli Storage Manager for Virtual Environments: Data Protection for VMware Release_**| **_Fixing VRM Level_**| **_Platform_**| **_Link to Fix / Fix Availability Target_** \n---|---|---|--- \n7.1| 7.1.4| Linux, Windows| <http://www.ibm.com/support/docview.wss?uid=swg24041094> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:13:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the IBM Tivoli Storage Manager Client and the IBM Tivoli Storage Manager for Virtual Environments: Data Protection for 
VMware data mover (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:13:56", "id": "20A60366A6B11F11A4C8590ACA474E9EA294C7470472FDEDE1C30AC18D935A5C", "href": "https://www.ibm.com/support/pages/node/273789", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T05:37:54", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Virtualization Engine TS7700.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nAll versions of microcode for the IBM Virtualization Engine TS7700 (3957-V06, 3957-V07, 3957-VEA, 3957-VEB) prior to release R2.1 are affected. In addition, microcode versions of releases R2.1, R3.0, R3.1 and R3.2 prior to and including the following are also affected: \n\n**Release**| **Version** \n---|--- \nR3.2| 8.32.1.8 \nR3.1| 8.31.0.92 \nR3.0| 8.30.3.4 \nR2.1| 8.21.0.178 \n \n## Remediation/Fixes\n\nContact IBM Service at 1-800-IBM-SERV to arrange an upgrade to the latest microcode level, followed by the installation of vtd_exec.213, vtd_exec.214 and vtd_exec.215 as needed. Minimum microcode levels are shown below: \n\n**Release**| **Fix** \n---|--- \nR3.0, R3.1 or R3.2| Upgrade to 8.32.1.8 or later + vtd_exec.213 + vtd_exec.214 + vtd_exec.215 \nR2.1| Upgrade to 8.21.0.178 or later + vtd_exec.213 + vtd_exec.214 + vtd_exec.215 \nOlder Releases| Upgrade to 8.21.0.178 or later + vtd_exec.213 + vtd_exec.214 + vtd_exec.215 \n \nPlease note that vtd_exec packages carry their own internal version numbers. For the vulnerabilities reported in this Security Bulletin, the minimum required vtd_exec versions are as follows: \n\n**Package**| **Version** \n---|--- \nvtd_exec.213| 1.06 \nvtd_exec.214| 1.06 \nvtd_exec.215| 1.06 \n \nAs the server key length is increased, the CPU required for a full TLS/SSL handshake can increase significantly. Test carefully and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be affected. \n \nYou should verify that applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nAlthough IBM recommends that you upgrade to the fixes identified above, you can mitigate, but not eliminate the risk of these vulnerabilities by restricting physical and network access to the TS7700 to authorized users and IBM Service Personnel only.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-18T00:09:44", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Virtualization Engine TS7700 (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-18T00:09:44", "id": "CA4831712C5406E15B2BF982E9BCA9800DB572A220393966A92C3D080143B464", "href": "https://www.ibm.com/support/pages/node/690545", "cvss": {"score": 4.3, "vector": 
"AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:22", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Operations Analytics - Predictive Insights.\n\n## Vulnerability Details\n\nCVEID: [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \nDESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Operations Analytics - Predictive Insights 1.3.2 and earlier\n\n## Remediation/Fixes\n\n \n \n_You should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions._\n\n## Workarounds and Mitigations\n\nInstallation Instructions \n\\------------------------------------ \nAs the user that installed the IBM Operations Analytics - Predictive Insights UI component, typically scadmin \n1\\. 
Stop the UI server used by IBM Operations Analytics - Predictive Insights \n<UI_HOME>/bin/pi.sh -stop \nwhere <UI_HOME> is typically /opt/IBM/scanalytics/UI \n2\\. cd <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/ \n3\\. Create a copy of java.security file \ncp java.security java.security_orig \n4\\. Edit <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/java.security file. \nAdd DH and DHE to jdk.tls.disabledAlgorithms variable. \nFor example \nvi <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/java.security and change this line: \njdk.tls.disabledAlgorithms=SSLv3, RC4 \nto \njdk.tls.disabledAlgorithms=SSLv3, RC4, DH, DHE \n5\\. start UI server \n<UI_HOME>/bin/pi.sh -start \n \n \n \nRemoval Instructions \n\\------------------------------------ \nAs the user that installed the IBM Operations Analytics - Predictive Insights UI component, typically scadmin \n1\\. Stop the UI server used by IBM Operations Analytics - Predictive Insights \n<UI_HOME>/bin/pi.sh -stop \nwhere <UI_HOME> is typically /opt/IBM/scanalytics/UI \n2\\. cd <UI_HOME>/ibm-java-x86_64-70/jre/lib/security/ \n3\\. Replace java.security file with the original \nmv java.security_orig java.security \n4\\. start UI server \n<UI_HOME>/bin/pi.sh -start \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:11", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Operations Analytics - Predictive Insights (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:11", "id": "D3C6D03503FC181653DFBA92FDF1624F0F516332535829D170C0C7C4D1D5E839", "href": "https://www.ibm.com/support/pages/node/528579", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:48:00", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects FileNet Content Manager, IBM Content Foundation and FileNet Business Process Manager.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS 
protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nFileNet Content Manager 5.1.0, 5.2.0, 5.2.1 \nIBM Content Foundation 5.2.0, 5.2.1 \nFileNet Business Process Manager 4.5.1, 5.0.0, 5.2.0\n\n## Remediation/Fixes\n\nInstall IBM Java Runtime Environment (JRE) v1.6 SR16 FP5 or higher which is provided in the following releases in the table below. 
\n\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nFileNet Content Manager| 5.1.0 \n5.2.0 \n5.2.1| PJ43346 \nPJ43346 \nPJ43340 \nPJ43342 \nPJ43342| 5.2.0.3-P8CPE-IF007 - August 4, 2015 \n5.2.1.2-P8CPE-IF001 - August 4, 2015 \n5.1.0.0-P8CSS-IF013 - July 31, 2015 \n5.2.0.2-P8CSS-IF005 - August 4, 2015 \n5.2.1.2-P8CSS-IF001 - August 4, 2015 \nIBM Content Foundation| 5.2.0 \n5.2.1| PJ43346 \nPJ43346 \nPJ43342 \nPJ43342| 5.2.0.3-P8CPE-IF007 - August 4, 2015 \n5.2.1.2-P8CPE-IF001 - August 4, 2015 \n5.2.0.2-P8CSS-IF005 - August 4, 2015 \n5.2.1.2-P8CSS-IF001 - August 4, 2015 \nFileNet Business Process Manager| 4.5.1 \n5.0.0 \n5.2.0| PJ43344 \nPJ43345 \nPJ43345PJ43347| 4.5.1.4-P8PE-IF008 - August 4, 2015 \n5.0.0.8-P8PE-IF002 - August 4, 2015 \n5.0.0.9-P8PE-FP009 - July 31, 2015 \neProcess-5.2.0-001.006 (Win, Sol, AIX, HP, HPUX only) - August 4, 2015 \n \nReleases available from Fix Central: <http://www.ibm.com/support/fixcentral/>\n\n \n \nIBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T12:11:34", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T12:11:34", "id": "EFEA41F219C6C85BCB117A65FA7EA265B6805272375D320CA34B86DCCC1F2789", "href": "https://www.ibm.com/support/pages/node/529763", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:54:31", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cognos Business Intelligence\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Business Intelligence Server 10.2.2 \nIBM Cognos Business Intelligence Server 10.2.1.1 \nIBM Cognos Business Intelligence Server 10.2 \nIBM Cognos Business Intelligence Server 10.1.1 \nIBM Cognos Business Intelligence Server 10.1 \nIBM Cognos Business Intelligence Server 8.4.1\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nThe DH cipher suites must be disabled using Cognos Configuration by performing the following actions: \n \n1) Start Cognos Configuration. \n \n2) Navigate to Security/Cryptography/Cognos \n \n3) Open the supported cipher suites selection dialog. \n \n4) Select all cipher suites that have DH in the name and remove them from the Current Values List. Select OK to save the new list. \n \n5) Save and restart your service using Cognos Configuration. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the DH stream cipher will expose you to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the DH stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T23:13:47", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Business Intelligence (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T23:13:47", "id": "09831B786252126B878AC9EABFBCE379EA9C3C3E1037D0BFEA997E58E13D41B2", "href": "https://www.ibm.com/support/pages/node/529093", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-23T21:52:04", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Tivoli Common Reporting, IBM Systems Director, IBM Tivoli Monitoring and Tivoli Application Dependency Discovery Manager which are shipped as components of IBM Systems Director Editions.\n\n
Information about the security vulnerability affecting the above components has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletins listed below for the vulnerability details of the affected products.\n\n## Affected Products and Versions\n\nAffected Product and Version(s) | Product and Version shipped as a component | Security Bulletin \n---|---|--- \nIBM System Director Editions 6.2.0.0 | Tivoli Common Reporting 1.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21967384> \nIBM System Director Editions 6.2.0.0 | Tivoli Application Dependency Discovery Manager v7.2 | <https://www-304.ibm.com/support/docview.wss?uid=swg21961088> \nIBM System Director Editions 6.2.0.0 | IBM Tivoli Monitoring 6.2.2.02. base FP2 (TEPS, TDW, TCR) | <http://www.ibm.com/support/docview.wss?uid=swg21962739> \nIBM System Director Editions 6.2.0.0 | IBM System Director 6.2.0.0 | [ https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522](<https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522>) \nIBM System Director Editions 6.2.1.0 | Tivoli Common Reporting 1.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21967384> \nIBM System Director Editions 6.2.1.0 | Tivoli Application Dependency Discovery Manager v7.2 | <https://www-304.ibm.com/support/docview.wss?uid=swg21961088> \nIBM System Director Editions 6.2.1.0 | IBM Tivoli Monitoring 6.2.2 (TEPS, TDW, TCR) | <http://www.ibm.com/support/docview.wss?uid=swg21962739> \nIBM System Director Editions 6.2.1.0 | IBM System Director 6.2.1.0 | [ https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522](<https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522>) \nIBM System Director Editions 6.3.0.0 | Tivoli Common Reporting 1.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21967384> \nIBM System Director Editions 6.3.0.0 | 
Tivoli Application Dependency Discovery Manager v7.2.1 | <https://www-304.ibm.com/support/docview.wss?uid=swg21961088> \nIBM System Director Editions 6.3.0.0 | IBM Tivoli Monitoring 6.2.3 (TEPS, TDW, TCR) | <http://www.ibm.com/support/docview.wss?uid=swg21962739> \nIBM System Director Editions 6.3.0.0 | IBM Systems Director 6.3.0.0 | [ https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522](<https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522>) \nIBM System Director Editions 6.3.2.0 | Tivoli Common Reporting 1.3 | <http://www-01.ibm.com/support/docview.wss?uid=swg21967384> \nIBM System Director Editions 6.3.2.0 | IBM Tivoli Monitoring 6.3 (TEPS, TDW, TCR) | <http://www.ibm.com/support/docview.wss?uid=swg21962739> \nIBM System Director Editions 6.3.2.0 | IBM Systems Director 6.3.2.0 | [ https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522](<https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098522>) \n \n## Reference\n\n * [Complete CVSS V2 Guide](<http://www.first.org/cvss/v2/guide>)\n * [On-line Calculator V2](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www-01.ibm.com/software/test/wenses/security/>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/PSIRT>) \n\n\n## Acknowledgement\n\nNone.\n\n**Change History** \n28 September 2015: Original version published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. 
Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2019-01-31T02:10:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Systems Director Editions. (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-01-31T02:10:01", "id": "D9CE347758D4A66CEE61A547DBAF9CADD75119B2F36B2ECBDB4613CA8BDD542A", "href": "https://www.ibm.com/support/pages/node/867934", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:54:52", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cognos Command Center.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Cognos Command Center 10.2.2 \n\nIBM Cognos Command Center 10.2.1\n\nIBM Cognos Command Center 10.2\n\nIBM Cognos Command Center 10.1\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the IBM JRE 6.0 SR16FP5 to the following versions of \nIBM Cognos Command Center: \n\n\n * IBM Cognos Command Center 10.2.2\n * IBM Cognos Command Center 10.2.1\n * IBM Cognos Command Center 10.2\n * IBM Cognos Command Center 10.1\n \nThe fix for all affected versions is found here: [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Command+Center&release=10.2.2&platform=Windows+32-bit,+x86&function=fixId&fixids=10.2.2-BA-CCC-Win32-JRE-60SR16FP5](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+Command+Center&release=10.2.2&platform=Windows+32-bit,+x86&function=fixId&fixids=10.2.2-BA-CCC-Win32-JRE-60SR16FP5>) \n \n**Installation instructions for applying this fix**. \n \nFor Microsoft Windows servers where the Agent or Server component is installed. \n\n 1. Download the 32 bit IBM Java JRE (file name: ibm-java-jre-60-win-i386.zip, Size: 75 MB).\n 2. Stop the CccServer, CccQueue and CccAgent Microsoft Windows services.\n 3. For IBM Cognos Command Center 10.1 and 10.2: Rename the <INSTALLDIR>\\Common\\java directory to <INSTALLDIR>\\Common\\java.orig\n 4. For IBM Cognos Command Center 10.2.1: Rename the <INSTALLDIR>\\Common\\java.6.0.16.0 directory to <INSTALLDIR>\\Common\\java.6.0.16.0.orig\n 5. 
For IBM Cognos Command Center 10.2.2: Rename the <INSTALLDIR>\\Common\\java.6.0.16 directory to <INSTALLDIR>\\Common\\java.6.0.16.orig\n 6. For IBM Cognos Command Center 10.1 and 10.2: Unpack the content of the ibm-java-jre-60-win-i386.zip file to <INSTALLDIR>\\Common\\java\n 7. For IBM Cognos Command Center 10.2.1: Unpack the content of the ibm-java-jre-60-win-i386.zip file to <INSTALLDIR>\\Common\\java.6.0.16.0\n 8. For IBM Cognos Command Center 10.2.2: Unpack the content of the ibm-java-jre-60-win-i386.zip file to <INSTALLDIR>\\Common\\java.6.0.16\n 9. Start the CccAgent, CccQueue and CccServer Microsoft Windows services.\n 10. Validate the installation by testing the connectivity to the agent using the CCC Client.\n \n \nFor Microsoft Windows servers where the Server or Web Client component is installed apply these additional steps. \n\n\n 1. Follow the instructions described in the Microsoft Security Bulletin MS15-055 titled \"Vulnerability in Schannel Could Allow Information Disclosure (3061518)\". [(https://technet.microsoft.com/en-us/library/security/ms15-055.aspx](<https://technet.microsoft.com/en-us/library/security/ms15-055.aspx>))\n \n \nFor IBM Cognos Command Center with above fix applied: Before upgrading your installation to 10.2.2 please revert to the original \\java\\ or \\java.6.0.16.0\\ directory: \n\n 1. Stop the CccServer, CccQueue and CccAgent Windows services.\n 2. Rename the <INSTALLDIR>\\Common\\java (or \\java.6.0.16.0) directory to <INSTALLDIR>\\Common\\java.cve (or \\java.6.0.16.0.cve)\n 3. Rename the <INSTALLDIR>\\Common\\java.orig (or java.6.0.16.0.orig) directory to <INSTALLDIR>\\Common\\java (or java.6.0.16.0).\n 4. Proceed to upgrade your Cognos Command Center installation to a newer version.\n 5. 
After upgrade to newer version is done, please reapply \"Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Command Center (CVE-2015-4000)\" fix starting Step 1.\n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T22:37:48", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Command Center (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T22:37:48", "id": "7FA5FD5347FF0A5D7312F1E7E1040178A520D530A067CD9BC3046D2F8C2F52FB", "href": "https://www.ibm.com/support/pages/node/530181", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2023-02-21T05:49:08", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Jazz Team Server and Cognos Business Intelligence (Cognos BI) shipped with Rational Insight.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product(s) and Version(s) \n---|--- \nRational Insight 1.1, 1.1.1, 1.1.1.1 and 1.1.1.2| Cognos BI 10.1.1 \nRational Insight 1.1.1.3| Cognos BI 10.2.1 \nRational Insight 1.1.1.4, 1.1.1.5 and 1.1.1.6| Cognos BI 10.2.1 Fix pack 2 \nJazz Team Server 5.0, 5.0.1 and 5.0.2 \nRational Insight 1.1.1.7| Cognos BI 10.2.1 Fix pack 2 \nJazz Team Server 6.0 \n \n## Remediation/Fixes\n\nApply the recommended fixes to all affected versions of Rational Insight. \n \n<Cognos - Done. JTS - TBD> \n \n**Rational Insight 1.1 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 14 (Implemented by file 10.1.6305.508)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040520>). 
\nReview technote [1679272: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Insight 1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg21679272>) for detailed instructions.\n \n**Rational Insight 1.1.1, 1.1.1.1 and 1.1.1.2 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.1.1 Interim Fix 14 (Implemented by file 10.1.6305.508)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040520>). \nRead technote [1679281: Install a Cognos Business Intelligence 10.1.1 fix package in Rational Reporting for Development Intelligence 2.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679281>) for the detailed instructions for patch application.\n \n**Rational Insight 1.1.1.3 ** \n \n\n\n * Download the [IBM Cognos Business Intelligence 10.2.1 Interim Fix 12 (Implemented by file 10.2.5000.506)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040519>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n \n**Rational Insight 1.1.1.4 and 1.1.1.5 and 1.1.1.6 and 1.1.1.7 ** \n \n\n\n 1. If the Data Collection Component or Jazz Reporting Service is used, perform this step first. \nReview the topics in [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959325>) for addressing the listed vulnerabilities in their underlying Jazz Team Server. \n\n 2. If the Cognos-based reporting server is used, also perform this step. 
\nDownload the [IBM Cognos Business Intelligence 10.2.1.1 Interim Fix 11 (Implemented by file 10.2.5008.512)](<http://www-01.ibm.com/support/docview.wss?uid=swg24040519>). \nReview technote [1679283: Installing Cognos Business Intelligence 10.2.1.x fix pack in Rational Reporting for Development Intelligence 2.0.x/5.0.x and Rational Insight 1.1.1.x](<http://www-01.ibm.com/support/docview.wss?uid=swg21679283>) for the detailed instructions for patch application.\n\n## Workarounds and Mitigations\n\nPlease consult the security bulletins [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959325>) (Jazz Team Server) and [Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Business Intelligence (CVE-2015-4000)](<http://www-01.ibm.com/support/docview.wss?uid=swg21959671>) (Cognos BI) for vulnerability details and information about fixes. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T05:03:09", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman cipher affects Rational Insight (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T05:03:09", "id": "070B63F4B5AA1ABA57892C3A0B6D95304819C7596D50A577F6DDE75F604323E7", "href": "https://www.ibm.com/support/pages/node/528965", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:14:04", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects the IBM Installation Manager and IBM Packaging Utility.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Installation Manager and IBM Packaging Utility versions 1.8.3 and earlier.\n\n## Remediation/Fixes\n\n_Product_\n\n| \n\n_VRMF_ | \n\n_APAR_ | \n\n_Remediation/First Fix_ \n---|---|---|--- \n \n_Installation Manager and IBM Packaging Utility_ | \n\n_1.0 - 1.7.4.x_ | \n\n_None_ | \n\n[_1.7.4.3 IBM Installation Manager Remediation_](<http://www.ibm.com/support/docview.wss?uid=swg24040146>) \n[_1.7.4.3 IBM Packaging Utility Remediation_](<http://www.ibm.com/support/docview.wss?uid=swg24040147>) \n\n\n_Please note that the 1.7.4.3 fix is intended for upgrade of 1.7.4.2 and earlier versions which continue support on platforms that are NOT supported by 1.8 or later versions._\n\n \n_Users running 1.7.4.2 or earlier version on platforms that ARE supported by 1.8.x version, should upgrade to 1.8.3 and implement the work around described below._ \n \n_Installation Manager and IBM Packaging Utility_ | \n\n_1.8.x_ | \n\n_None_ | \n\n[__1.8.4 IBM Installation Manager Remediation__](<http://www.ibm.com/support/docview.wss?uid=swg24040291>)_ \n_[__1.8.4 IBM Packaging Utility Remediation__](<http://www.ibm.com/support/docview.wss?uid=swg24040292>) \n \nYou should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\nFor the 1.8.x releases, you can work around this vulnerability by disabling DH and DHE cipher suites. This can be achieved by adding the **DH** and **DHE** cipher suites to the list of disabled algorithms defined by the **jdk.tls.disabledAlgorithms** security property in **java.security** file. This does NOT include ciphers that have ECDH or ECDHE in the name; these are elliptic curve Diffie-Hellman ciphers and they are not affected. \n \n \n_ \nFor the IBM Installation Manager:_ \n \nYou will find the **java.security** file in the following folder, by platform: \n\n\n * AIX Platforms: <Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/\n * HP-UX Platforms: <Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/\n * Linux and Solaris Platforms: <Installation Manager install_dir>/eclipse/jre_<version>/jre/lib/security/\n * Windows Platforms: <Installation Manager install_dir>\\eclipse\\jre_<version>\\jre\\lib\\security\\\n * Mac OSX Platforms: <Installation Manager install_dir>/eclipse/jre_<version>/jre/Contents/Home/lib/security/\n \n \n_For the IBM Packaging Utility:_ \n \nYou will find the **java.security** file in the following folder, by platform: \n\n\n * AIX Platforms: <Packaging Utility install_dir>/jre/lib/security/\n * Linux and Solaris Platforms: <Packaging Utility install_dir>/jre/lib/security/\n * Windows Platforms: <Packaging Utility install_dir>\\jre\\lib\\security\\\n * Mac OSX Platforms: <Packaging Utility install_dir>/jre/Contents/Home/lib/security/\n * You should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-10-25T12:12:53", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects the IBM Installation Manager and IBM Packaging Utility (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2021-10-25T12:12:53", "id": "94B0A84F948BEBD11E6ABCE3D118F7FC06257AEC453FAFBCB09EDFB4AF4C95F8", "href": "https://www.ibm.com/support/pages/node/529009", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:22", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Tivoli Netcool System Service Monitors/Application Service Monitors.\n\n## Vulnerability 
Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nSSM 4.0.0 FP1 - FP14 and Interim Fix 14-01 \u2013 Interim Fix 14-06 \nSSM 4.0.1 FP1 \u2013 FP2 Interim Fix 02\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nModify the INIVAR FileTransferSSLCipherSuite in init.cfg. This is currently: \n\nFileTransferSSLCipherSuite=AES:3DES:DES:!EXP\n\nDisable the DHE and EDH ciphers by changing it to the following and restarting SSM:\n\nFileTransferSSLCipherSuite=AES:3DES:DES:!EXP:!DHE:!EDH\n\nYou can confirm what the new value leaves enabled with `openssl ciphers -v 'AES:3DES:DES:!EXP:!DHE:!EDH'`: no remaining suite should show Kx=DH.\n\nNote that, as this is a new INIVAR, this mitigation requires applying either of the following fixes first: \nSSM 4.0.1.2 Interim Fix 2 - [_http://www.ibm.com/support/docview.wss?uid=isg400002115_](<http://www.ibm.com/support/docview.wss?uid=isg400002115>) \nSSM 4.0.0.14 Interim Fix 6 - [_http://www.ibm.com/support/docview.wss?uid=isg400002120_](<http://www.ibm.com/support/docview.wss?uid=isg400002120>)\n\nYou should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:10", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:10", "id": "690B06C7F5212D7DEEF850B67CA2EC1248A104ACF526D1170F890F3AA37D2285", "href": "https://www.ibm.com/support/pages/node/528367", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:39", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM API Management.\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to a 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM API Management V2.0, V3.0 and V4.0\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nIBM API Management| 2.0.0| LI78649| [Apply V2.0.0.2 cumulative ifix 014](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+API+Management&release=2.0.0.2&platform=All&function=fixId&fixids=2.0.0.2-IBMAPIManagement-CUMUIFIX-014-upgrade&includeSupersedes=0>) \nIBM API Management| 3.0.0| LI78649| [Apply V3.0.4.2 cumulative interim fix 001](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+API+Management&release=3.0.4.2&platform=All&function=fixId&fixids=3.0.4.2-APIManagement-ManagementAppliance-20150624-1732-CUMUIFIX-001.vcrypt2,3.0.4.2-APIManagement-ManagementAppliance-20150624-1732-CUMUIFIX-001.ova&includeSupersedes=0>) \nIBM API Management| 4.0.0| LI78649| [Apply V4.0.1.0 cumulative ifix 002](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+API+Management&release=4.0.1.0&platform=All&function=fixId&fixids=4.0.1.0-APIManagement-ManagementAppliance-20150623-1719CUMUIFIX-002.vcrypt2,4.0.1.0-APIManagement-ManagementAppliance-20150623-1719-CUMUIFIX-002.ova&includeSupersedes=0>) \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## Workarounds and Mitigations\n\n
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:14", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects\u00a0IBM API Management\u00a0(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:14", "id": "196413B4A4D60DFE9C5098FCCE862C6CE711D87A87BCF9586576D1217A003146", "href": "https://www.ibm.com/support/pages/node/528891", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-27T21:54:53", "description": "## Summary\n\nA port used by VADP is reported to be vulnerable to Logjam (CVE-2015-4000).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>) \n** DESCRIPTION: **The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. 
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [https://exchange.xforce.ibmcloud.com/vulnerabilities/103294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus| 10.1.0-10.1.5 \n \n## Remediation/Fixes\n\n**Spectrum Protect Plus Release**| **First Fixing VRM Level**| **APAR**| **Platform**| **Link to Fix** \n---|---|---|---|--- \n10.1| 10.1.6| IT32099| Linux| <https://www.ibm.com/support/pages/node/5693313> \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-06-12T20:34:38", "type": "ibm", "title": "Security Bulletin: IBM Spectrum Protect Plus vulnerable to Logjam (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": 
"2020-06-12T20:34:38", "id": "969B869C858F640A6283D702296C23A13A8A64586452AB7E6A37D5DA25ABC7B6", "href": "https://www.ibm.com/support/pages/node/6221350", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:45", "description": "## Summary\n\nThe TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. \nThis vulnerability is commonly referred to as \"Logjam\".\n\n## Vulnerability Details\n\nCVE ID: [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\nDescription : The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue. \n\n\n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nCICS Transaction Gateway for Multiplatforms v7.2, v8.0, v8.1, v9.0 and v9.1. Inclusion in this list does not imply that all the products are supported. 
See the [IBM Support Lifecycle](<http://www-01.ibm.com/software/support/lifecycle/>) page for product end-of-support dates.\n\n## Workarounds and Mitigations\n\nThe use of DH or DHE ciphers by CICS Transaction Gateway can be prevented by configuring CICS TG to accept only more secure cipher suites. This can be done by listing the acceptable cipher suites using the ciphersuites parameter in the ctg.ini file, or by adding the acceptable cipher suites to the \"Use only these ciphers\" list in the \"SSL settings\" section of the CICS TG configuration tool. \nSee the [CICS TG for Multiplatforms Knowledge Center](<http://www.ibm.com/support/knowledgecenter/SSZHFX_8.0.0/ctgwin/ccl11rss01.html?lang=en>) for more details.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:09", "type": "ibm", "title": "Security Bulletin: Logjam vulnerability in TLS affects IBM CICS Transaction Gateway (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:09", "id": "7F9D32D042A33237277DC72EE5E58798328B2C5833F9E7376FDD718B9B7B04E2", "href": 
"https://www.ibm.com/support/pages/node/527887", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:42:03", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Rational ClearCase.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Rational ClearCase, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x, in the following components: \n\n * Base CC/CQ V2 (Perl trigger-based) integration, when configured to use SSL to communicate with a ClearQuest Web server (all platforms)\n * CMI and OSLC integrations, including UCM/ClearQuest integration via OSLC (UNIX/Linux platforms), when configured to use SSL. (Windows CMI/OSLC clients are not affected.)\n * ClearCase remote client: CCRC/CTE GUI, rcleartool, and CMAPI clients, when using SSL to access a CCRC WAN Server/CM Server\n * Customer defined uses of SSL from ratlperl scripts\n\n## Remediation/Fixes\n\nInstall a fix pack. The fix pack includes OpenSSL version 1.0.1p and a newer Java\u2122 Virtual Machine. 
\n \n**Affected Versions**| **Applying the fix** \n---|--- \n8.0.1 through 8.0.1.8| Install [Rational ClearCase Fix Pack 9 (8.0.1.9) for 8.0.1](<http://www.ibm.com/support/docview.wss?uid=swg24040516>) \n8.0 through 8.0.0.15| Install [Rational ClearCase Fix Pack 16 (8.0.0.16) for 8.0](<http://www.ibm.com/support/docview.wss?uid=swg24040514>) \n7.1.2 through 7.1.2.18; 7.1.1.x (all fix packs); 7.1.0.x (all fix packs)| Customers on extended support contracts should install [Rational ClearCase Fix Pack 19 (7.1.2.19) for 7.1.2](<http://www.ibm.com/support/docview.wss?uid=swg24040512>) \n \n**CMI and OSLC change management integrations (UNIX/Linux platforms):** \n\nThe solution is to update to the fix pack listed above. Apply the fix pack to systems that use the CMI- and OSLC-based integrations. This may include CCRC WAN servers that execute the integrations on behalf of WAN clients. \n\n**Base CC/CQ Perl trigger-based (V2) integration**\n\nThe solution is to update to the fix pack listed above. Apply the fix pack to systems that run the Perl trigger-based (V2) integration, and to those that run your ratlperl scripts that use OpenSSL. \n\n**Customer-defined uses of SSL from ratlperl scripts**\n\nThe solution is to update to the fix pack listed above. Apply the fix pack to systems that run your ratlperl scripts that use OpenSSL, and test the fix there. \n \nAlternatively, you may disable the use of the ephemeral DH key ciphers (EDH, DHE) when you use IO::Socket::SSL. The `SSL_cipher_list` setting configures the ciphers OpenSSL is permitted to use. 
You can view the documentation with: \n`ratlperl -e \"use Pod::Perldoc; Pod::Perldoc->run();\" IO::Socket::SSL` \n \nFor an example, see the Base CC/CQ Perl trigger-based (V2) integration in the script module `<ccase-home-dir>/lib/CQCC/CQWebJavaParser.pm`: its `InitAgent` method disables RC4 in this way.\n\n**ClearCase remote client: CCRC/CTE GUI, rcleartool, CMAPI clients**\n\nThe solution is to update to the fix pack listed above. Apply the fix pack to systems that run CCRC/CTE GUI, rcleartool, or CMAPI clients, such as web-view and automatic-view developer desktops. \n\n**Notes:**\n\n * If you use CCRC as an extension offering installed into an Eclipse shell (one not provided as part of a ClearCase release), or you use rcleartool or CMAPI with a Java\u2122 Virtual Machine not supplied by IBM as part of Rational ClearCase, you should update the Java\u2122 Virtual Machine you use to include a fix for the above issue (enforcing a minimum key length for the temporary keys used in Diffie-Hellman key exchange). Contact the supplier of your Java\u2122 Virtual Machine.\n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
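The downgrade the CICS Transaction Gateway bulletin above describes (DHE rewritten to DHE_EXPORT in the ClientHello, and back again in the ServerHello) only works against a server that still accepts export suites, and the JVM fix the ClearCase note above refers to works by rejecting small temporary DH keys. The following Python script, an added example and not IBM's code, checks both conditions against a server from the outside: it offers only DHE_EXPORT suites, then only ordinary DHE suites, and reports whether the server accepts each offer and how many bits the DH prime in its ServerKeyExchange has. It speaks just enough raw TLS 1.2 to read the server's first flight and never completes the handshake. The 1024-bit threshold, the cipher-suite selection and the host names are this example's assumptions, not figures from the bulletins.

```python
"""Probe a TLS server for the Logjam condition: does it still accept a DHE_EXPORT
suite, and how large is the ephemeral DH prime it sends?  Added example for this
page, not IBM's code: raw TLS 1.2 with no cryptography (send ClientHello, read
ServerHello and ServerKeyExchange, measure p, hang up).  Usage: logjam_probe.py host [port]"""
import socket
import struct
import sys

# Cipher-suite IDs from the IANA TLS registry.
DHE_EXPORT_SUITES = [0x0011, 0x0014]   # TLS_DHE_{DSS,RSA}_EXPORT_WITH_DES40_CBC_SHA
DHE_SUITES = [0x0033, 0x0039, 0x0016]  # TLS_DHE_RSA_WITH_{AES_128,AES_256,3DES_EDE}_CBC_SHA

def _vec(data, width):
    """Opaque vector: `width`-byte big-endian length prefix, then the bytes."""
    return len(data).to_bytes(width, "big") + data

def build_client_hello(suites, server_name=None):
    """TLS 1.2 ClientHello record offering exactly `suites` (no EC extensions)."""
    body = b"\x03\x03" + b"\x11" * 32                 # client_version, fixed client_random
    body += _vec(b"", 1) + _vec(b"".join(struct.pack(">H", s) for s in suites), 2)
    body += _vec(b"\x00", 1)                           # compression: null only
    ext = b""
    if server_name:                                    # server_name extension (type 0)
        ext += b"\x00\x00" + _vec(_vec(b"\x00" + _vec(server_name.encode(), 2), 2), 2)
    sigalgs = b"\x04\x01\x02\x01\x05\x01\x06\x01\x04\x02\x02\x02"  # rsa/dsa with sha256, sha1, sha384, sha512
    ext += b"\x00\x0d" + _vec(_vec(sigalgs, 2), 2)     # signature_algorithms extension (type 13)
    body += _vec(ext, 2)
    return b"\x16\x03\x01" + _vec(b"\x01" + _vec(body, 3), 2)  # record(handshake(client_hello))

def parse_server_key_exchange_dh(body):
    """(p_bits, g, Ys_bits) from a DHE ServerKeyExchange body: p, g and Ys are
    2-byte-length opaque vectors (RFC 5246 7.4.3); the signature after them is ignored."""
    fields, off = [], 0
    for _ in range(3):
        n = struct.unpack_from(">H", body, off)[0] if off + 2 <= len(body) else -1  # -1: length missing
        field = body[off + 2:off + 2 + n]
        if len(field) != n:
            raise ValueError("truncated ServerKeyExchange")
        fields.append(int.from_bytes(field, "big"))
        off += 2 + n
    p, g, ys = fields
    return p.bit_length(), g, ys.bit_length()

def _read_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

def _handshake_messages(sock):
    """Yield (type, body) handshake messages; they may span or share TLS records."""
    pending = b""
    while True:
        hdr = _read_exact(sock, 5)
        payload = _read_exact(sock, struct.unpack_from(">H", hdr, 3)[0])
        if hdr[0] == 21:                               # alert: the server declined our offer
            yield "alert", payload
            return
        pending += payload if hdr[0] == 22 else b""   # only handshake records carry messages
        while len(pending) >= 4 and len(pending) >= 4 + int.from_bytes(pending[1:4], "big"):
            mlen = int.from_bytes(pending[1:4], "big")
            yield pending[0], pending[4:4 + mlen]
            pending = pending[4 + mlen:]

def probe(host, port=443, suites=DHE_SUITES, timeout=5.0):
    """Offer only `suites`; report whether the server accepts and the DH prime size it sends."""
    result = {"accepted": False}
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(suites, host))
        try:
            for mtype, body in _handshake_messages(sock):
                if mtype == "alert":
                    result["alert"] = tuple(body[:2])  # (level, description)
                    break
                if mtype == 2:                         # ServerHello: suite after version, random, session_id
                    result["suite"] = struct.unpack_from(">H", body, 35 + body[34])[0]
                    result["accepted"] = True
                elif mtype == 12:                      # ServerKeyExchange carries the DH parameters
                    result["dh_p_bits"], result["dh_g"], _ = parse_server_key_exchange_dh(body)
                    break
                elif mtype == 14:                      # ServerHelloDone with no key exchange: not DHE
                    break
        except OSError:                                # timeout or abrupt close: treat as refusal
            pass
    return result

def is_logjam_exposed(result, min_p_bits=1024):
    """Exposed if the server accepts an export suite at all, or sends a DH prime below
    min_p_bits (the 1024-bit default is this example's choice, not an IBM figure)."""
    if not result.get("accepted"):
        return False
    return result.get("suite") in DHE_EXPORT_SUITES or result.get("dh_p_bits", min_p_bits) < min_p_bits

if __name__ == "__main__":
    host, port = sys.argv[1], (int(sys.argv[2]) if len(sys.argv) > 2 else 443)
    for label, offer in (("DHE_EXPORT", DHE_EXPORT_SUITES), ("DHE", DHE_SUITES)):
        r = probe(host, port, offer)
        print(f"{label}: {r} -> {'EXPOSED' if is_logjam_exposed(r) else 'ok'}")
```

Run it against a host before and after applying a fix pack or a cipher-list change: a patched server answers the export offer with a handshake_failure alert, and the DHE offer either with a refusal (if DHE was removed from its list) or with a prime at least as large as your policy requires. Because the script stops after the server's first flight, it needs no certificate handling and no key material, and an unexpected `accepted` result on the export offer is the direct evidence the bulletins' "downgrade to a 512-bit export-grade cipher" relies on.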
\n \n_For 7.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-07-10T08:34:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearCase (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-07-10T08:34:12", "id": "A6938267F339EFB6C26A98CB2E5497B85551E8B8E808EA76F61306999B98826C", "href": "https://www.ibm.com/support/pages/node/528341", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:06:12", "description": "## Summary\n\nOpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. These include the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM InfoSphere Master Data Management. 
IBM InfoSphere Master Data Management has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>) \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nThese vulnerabilities are known to affect the following offerings: \n \nIBM Initiate Master Data Service versions 9.5, 9.7, 10.0, 10.1 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Patient Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM Initiate Master Data Service Provider Hub versions 9.5, 9.7 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Patient Hub version 10.0 (impacts _Master Data 
Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Provider Hub version 10.0 (impacts _Master Data Engine_ component, [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and _Enterprise Integrator Toolkit_ component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.0 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component and [_Enterprise Integrator Toolkit_](<http://pic.dhe.ibm.com/infocenter/initiate/v9r5/topic/com.ibm.release_notes.doc/topics/r_release_notes_GAenterprise_integrator_toolkit.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.3 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component) \n \nIBM InfoSphere Master Data Management Standard/Advanced Edition version 11.4 (impacts [_Message Brokers_](<http://pic.dhe.ibm.com/infocenter/mdm/v11r0/topic/com.ibm.mdshs.hubover.doc/topics/c_hubover_message_broker_suite.html>) component)\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available. 
\n \n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nIBM Initiate Master Data Service| 9.5| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| 9.5| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| 9.5| None| [9.5.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.5.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| 9.7| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Patient Hub| 9.7| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service Provider Hub| 9.7| None| [9.7.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=9.7.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| 10.0| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Patient Hub| 10.0| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Patient&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_Patient_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Provider Hub| 10.0| None| [10.0.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Provider&release=All&platform=All&function=fixId&fixids=10.0.071215_IM_Initiate_Provider_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM Initiate Master Data Service| 10.1| None| [10.1.071215](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/IBM+Initiate+Master+Data+Service&release=All&platform=All&function=fixId&fixids=10.1.071215_IM_Initiate_MasterDataService_ALL_RefreshPack&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| 11.0| None| [11.0-FP3-IF3](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.0.0.3-MDM-SAE-FP03IF003&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| 11.3| None| [11.3-FP3-IF1](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.3.0.3-MDM-SE-AE-FP03IF001&includeSupersedes=0&source=fc>) \nIBM InfoSphere Master Data Management Standard/Advanced Edition| 11.4| None| [11.4-FP3-IF1](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EInformation%2BManagement&product=ibm/Information+Management/InfoSphere+Master+Data+Management&release=All&platform=All&function=fixId&fixids=11.4.0.3-MDM-SE-AE-FP03IF001&includeSupersedes=0&source=fc>) \n \nAs the server's Diffie-Hellman key size is increased, the CPU required for a full TLS/SSL handshake can increase significantly. Carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be affected. \n \nYou should verify applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## Workarounds and Mitigations\n\nNone known.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-04-27T09:58:00", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Master Data Management (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-04-27T09:58:00", "id": "4E5AB790697553E0DD05AA9FB4B4B935D4F29DC9A935CD5E4CF4F19176B06997", "href": "https://www.ibm.com/support/pages/node/529947", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:43:46", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of SmartCloud Cost Management. WebSphere Application Server is shipped as a component of Tivoli Integrated Portal, which is shipped as a component of Tivoli Usage and Accounting Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in security bulletins. 
\n \nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n[](<http://www-01.ibm.com/support/knowledgecenter/SSNHG7_2.1.0/com.ibm.sccm.doc_2.1/tables/r_tables_intro.html>)\n\nPrincipal Product and Version(s)| \nAffected Supporting Product and Version \n---|--- \n \nIBM Tivoli Usage and Accounting Manager V2.1, V2.1.0.1, V7.3.0.4| IBM Tivoli Integrated Portal, Version 2.2 and all fixpacks \n \nIBM SmartCloud Cost Management V2.1.0.3, V2.1.0.4| \nWebsphere Application Server Liberty Profile V8.5.5 \n[](<http://www-01.ibm.com/support/knowledgecenter/SSNHG7_2.1.0/com.ibm.sccm.doc_2.1/tables/r_tables_intro.html>)\n\n## Remediation/Fixes\n\nPlease refer to the WAS security bulletin to remediate the vulnerabilities related to [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server 
(CVE-2015-4000)](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>)\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T22:29:58", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Tivoli Usage and Accounting Manager/SmartCloud Cost Management (CVE-2015-4000).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T22:29:58", "id": "BCB08F65FA14C39FC0F63A4FB245CBBA50B1FB4D616800144D405A6DA25EB62A", "href": "https://www.ibm.com/support/pages/node/535257", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T06:00:41", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Intelligent Operations Center. 
Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21957980>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Affected Product and Version(s)**\n\n| **Product and Version shipped as a component** \n---|--- \nIBM Intelligent Operations Center version 1.6| IBM WebSphere Application Server versions 7.0.0.27 and 8.0.0.6 \nIBM Intelligent Operations Center version 1.6.0.1| IBM WebSphere Application Server versions 7.0.0.27 and 8.0.0.6 \nIBM Intelligent Operations Center version 1.6.0.2| IBM WebSphere Application Server versions 7.0.0.31 and 8.0.0.8 \nIBM Intelligent Operations Center version 1.6.0.3| IBM WebSphere Application Server versions 7.0.0.33 and 8.0.0.9 \nIBM Intelligent Operations Center version 1.6.0.3 APAR PO04662| IBM WebSphere Application Server versions 7.0.0.37 and 8.0.0.10 \n \n## Remediation/Fixes\n\nDownload the correct version of the fix from the following link: [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21957980>). 
Installation instructions for the fix are included in the readme document that is in the fix package.\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-19T23:26:06", "type": "ibm", "title": "Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server (CVE-2015-4000) shipped with IBM Intelligent Operations Center", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-08-19T23:26:06", "id": "3F4AC905A4659886D4FC5BE38C6482D1DE3A6493436B82AA220F0C083EB26CCE", "href": "https://www.ibm.com/support/pages/node/528889", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T05:57:39", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server. 
The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities), Maximo Adapter for Primavera, SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Change and Configuration Management Database, and TRIRIGA Energy Optimization.\n\n## Vulnerability Details\n\nCVEID: [CVE-2015-4000](<https://vulners.com/cve/CVE-2015-4000>)\n\nDESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. 
This vulnerability is commonly referred to as \"Logjam\".\n\nCVSS Base Score: 4.3\n\nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score\n\nCVSS Environmental Score*: Undefined\n\nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nMaximo Asset Management 7.6| IBM WebSphere Application Server 8.5.5 Full Profile \nIBM WebSphere Application Server 8.5 Full Profile \nMaximo Asset Management 7.5 \nMaximo Asset Management Essentials 7.5 \nMaximo for Government 7.5 \nMaximo for Nuclear Power 7.5 \nMaximo for Transportation 7.5 \nMaximo for Life Sciences 7.5 \nMaximo for Oil and Gas 7.5 \nMaximo for Utilities 7.5 \nMaximo Adapter for Primavera 7.5 \nSmartCloud Control Desk 7.5 \nTRIRIGA Energy Optimization 1.1| IBM WebSphere Application Server 8.5.5 Full Profile \nIBM WebSphere Application Server 8.5 Full Profile \nIBM WebSphere Application Server 8.0 \nIBM WebSphere Application Server 7.0 \nMaximo Asset Management 7.1 \nMaximo Asset Management Essentials 7.1 \nMaximo Asset Management for Energy Optimization 7.1 \nMaximo for Government 7.1 \nMaximo for Nuclear Power 7.1 \nMaximo for Transportation 7.1 \nMaximo for Life Sciences 7.1 \nMaximo for Oil and Gas 7.1 \nMaximo for Utilities 7.1 \nMaximo Adapter for Primavera 7.1| IBM WebSphere Application Server 7.0 \nIBM WebSphere Application Server 6.1 \nTivoli Asset Management for IT 7.2 \nTivoli Service Request Manager 7.2 \nChange and Configuration Management Database 7.2| IBM WebSphere Application Server 8.5.5 Full Profile \nIBM WebSphere Application Server 7.0 \nIBM WebSphere Application Server 6.1 \nTivoli Asset Management for IT 7.1 \nTivoli Service Request Manager 7.1 \nChange and Configuration Management Database 7.1| IBM WebSphere Application Server 6.1 \n \n## Remediation/Fixes\n\nPlease apply the latest WebSphere Application Server Interim 
Fix or Fix Pack as recommended in the [Security Bulletin for IBM WebSphere](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>).\n\n## Workarounds and Mitigations\n\nWorkarounds and Mitigations for some configurations of WebSphere Application Server are provided in the [Security Bulletin for IBM WebSphere](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>).\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-09-22T03:02:31", "type": "ibm", "title": "Security Bulletin: Security Vulnerability in IBM WebSphere Application Server (CVE-2015-4000) Affects Asset and Service Management", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2022-09-22T03:02:31", "id": "20D0587F4328611B058FFA9CCDF6634A8C1FCE487A318D5E9C8B6C6DD9D211FD", "href": "https://www.ibm.com/support/pages/node/530649", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:41", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Service Registry and Repository.\n\n## 
Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM WebSphere Service Registry and Repository versions 8.5.5, 8.5, 8.0, 7.5, 7.0, 6.3\n\n## Remediation/Fixes\n\nNone\n\n## Workarounds and Mitigations\n\nCustomers should follow the mitigation advice contained in the WebSphere Application Server security bulletin, located at [http://www.ibm.com/support/docview.wss?uid=swg21957980](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) .\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:13", "type": "ibm", "title": "Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Service Registry and Repository (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", 
"exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:13", "id": "AA3B296C3E872A0C8E54359C90FFE82D9A9E6FA1535C7608927E2C4A576D96BB", "href": "https://www.ibm.com/support/pages/node/528745", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:42", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM SDK, Java Technology Edition.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". 
\nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThese vulnerabilities affect IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 10 and earlier releases \nThese vulnerabilities affect IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 4 and earlier releases \nThese vulnerabilities affect IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 4 and earlier releases \nThese vulnerabilities affect IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 and earlier releases \nThese vulnerabilities affect IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 and earlier releases \nThese vulnerabilities affect IBM SDK, Java Technology Edition, Version 8 Service Refresh 1 and earlier releases \n\n## Remediation/Fixes\n\nThe fixes for these vulnerabilities are included in IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack 11 and earlier releases \nThe fixes for these vulnerabilities are included in IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 5 and subsequent releases \nThe fixes for these vulnerabilities are included in IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 5 and subsequent releases \nThe fixes for these vulnerabilities are included in IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 Fix Pack 1 and subsequent releases \nThe fixes for these vulnerabilities are included in IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 Fix Pack 1 and subsequent releases \nThe fixes for these vulnerabilities are included in IBM SDK, Java Technology Edition, Version 8 Service Refresh 1 Fix Pack 1 and subsequent releases \n 
\nFurther information on the changes associated with this vulnerability can be found [here](<http://www-01.ibm.com/support/docview.wss?uid=swg21959956>). \n \nAs the server key size is increased, the amount of CPU required for a full TLS/SSL handshake can increase significantly. Carefully test and assess the impact on your CPU requirements to ensure sufficient CPU resources; otherwise system availability may be affected. \n \nIBM SDK, Java Technology Edition releases can be downloaded, subject to the terms of the developerWorks license, from [_here_](<http://www.ibm.com/developerworks/java/jdk/index.html>). \n \nIBM customers requiring an update for an SDK shipped with an IBM product should contact [_IBM support_](<http://www.ibm.com/support/>), and/or refer to the appropriate product security bulletin. \n \nThe APAR for this fix is [IV73934](<http://www.ibm.com/support/docview.wss?uid=swg1IV73934>).\n\n## Workarounds and Mitigations\n\nThe vulnerability can be mitigated by explicitly disabling DH and DHE ciphers, using one of the following options: \n \n**IBM SDK, Java Technology Edition, Version 7, 7R1 and 8 only**\n\n * Disable DH and DHE cipher suites by adding them to the list of disabled algorithms defined by the `jdk.tls.disabledAlgorithms` security property in the `java.security` file.\n \n**All IBM SDK, Java Technology Edition versions**\n\n * Ensure that the DH or DHE cipher suite(s) are not explicitly enabled via the setEnabledCipherSuites() method.\n * If using the javax.net.ssl.HttpsURLConnection API, set the `https.cipherSuites` system property so that it does not include DH or DHE cipher suites.\n * Configure SP800-131a strict compliance or any Suite B configuration.\n \nYou should verify that applying this configuration change does not cause any compatibility issues. If you change the default setting after applying the fix, you will expose yourself to the attack described above. 
IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:12", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM\u00ae SDK, Java\u2122 Technology Edition (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:12", "id": "2930C0659C99BD7CD4CED03E14D21540AD370CD5959742FBE33EAA5AEC0326A8", "href": "https://www.ibm.com/support/pages/node/529081", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:52:05", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM DB2 LUW. 
\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \n** \n**DESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \n \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nThis vulnerability affects two components of DB2: DB2 Advanced Copy Services and Java stored procedures using Secure Sockets Layer (SSL) API from IBM JDK. \n \n**_For DB2 Advanced Copy Services_** \nIBM DB2 Advanced Copy Services included in IBM DB2 and DB2 Connect V10.1 and V10.5 editions listed below and running on AIX and Linux are affected. \n \nIBM DB2 Express Edition \nIBM DB2 Workgroup Server Edition \nIBM DB2 Enterprise Server Edition \nIBM DB2 Connect\u2122 Application Server Edition \nIBM DB2 Connect Application Server Advanced Edition \nIBM DB2 Connect Enterprise Edition \nIBM DB2 Connect Unlimited Edition for System i\u00ae \nIBM DB2 Connect Unlimited Edition for System z\u00ae \nIBM DB2 Connect Unlimited Advanced Edition for System z \nIBM DB2 10.1 pureScale Feature \nIBM DB2 10.5 Advanced Enterprise Server Edition \nIBM DB2 10.5 Advanced Workgroup Server Edition \nIBM DB2 10.5 Developer Edition for Linux, Unix and Windows \n \nNOTE: The DB2 Connect products mentioned are affected only if a local database has been created. 
\n \nOnly users of DB2 Advanced Copy Services (snapshot backup) are affected by this vulnerability. IBM DB2 includes a restricted version of IBM Tivoli Flash Copy Manager (FCM v3.2 and v4.1), and both versions are affected by this vulnerability. IBM DB2 Advanced Copy Services in conjunction with IBM Tivoli FCM 3.2 or 4.1, on all current fix packs of IBM DB2 V10.1 and V10.5, are affected. AIX installations of DB2 may have this package installed by default, though it may not be in use on the system. \n \n**_For Java stored procedures using Secure Sockets Layer (SSL) API from IBM JDK_** \n \nCustomers who have Java stored procedures using the Secure Sockets Layer (SSL) API from IBM JDK are affected. \n \nAll fix pack levels of the IBM DB2 V9.7, V10.1 and V10.5 editions listed below and running on AIX, Linux, HP, Solaris or Windows are affected. \n \nIBM\u00ae DB2\u00ae Express Edition \nIBM\u00ae DB2\u00ae Workgroup Server Edition \nIBM\u00ae DB2\u00ae Enterprise Server Edition \nIBM\u00ae DB2\u00ae Advanced Enterprise Server Edition \nIBM\u00ae DB2\u00ae Advanced Workgroup Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Application Server Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Enterprise Edition \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System i\u00ae \nIBM\u00ae DB2\u00ae Connect\u2122 Unlimited Edition for System z\u00ae \n \nIBM\u00ae DB2\u00ae pureScale\u2122 Feature for Enterprise Server Edition, V9.8, running on AIX or Linux is affected.\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the appropriate fix for this vulnerability. \n \n**_For DB2 Advanced Copy Services_** \n \nThe FCM package containing the fix for DB2 V10.1 and V10.5 can be found in [Fix Central for V10.5](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/DB2&release=10.5.*&platform=All&function=all>) by searching for the keyword FCM. 
\n \n\n\n**Platform**| **Description** \n---|--- \nAIX| DB2 10.5 Fix Pack 7 for AIX (64 bit), AIX distros for FCM \nLinux| DB2 10.5 Fix Pack 7 for Linux/x86-64 (64 bit), Linux distros for FCM \n \nThe FCM packages for DB2 V10.5 can be used with both DB2 V10.1 and DB2 V10.5 on any fix pack. \n \nPlease note that for the AIX platform, on DB2 V10.1 and DB2 V10.5, installing a fix pack will overwrite the FCM in sqllib/acs with a vulnerable version of FCM. You need to reapply the FCM fix after each fix pack update. \n \nFor installation instructions, please follow the documentation provided within the IBM DB2 information center: \n \n[_http://www-01.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.admin.ha.doc/doc/c0053160.html_](<http://www-01.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.admin.ha.doc/doc/c0053160.html>) \n \n**_For Java stored procedures using Secure Sockets Layer (SSL) API from IBM JDK_** \nThe fix for this vulnerability is in the latest version of IBM JDK. Customers running any vulnerable fix pack level of an affected Program, V9.7, V9.8, V10.1 or V10.5, can download the latest version of IBM JDK from [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=*java*&includeSupersedes=0>). \n \nRefer to the table below to determine the IBM JDK level required. Then follow the instructions below to perform the JDK installation. 
\n \n \n**Platform**| \n\n**10.5.x JDK Version**\n\n| \n\n**10.1.x JDK Version**\n\n| \n\n**9.8.x JDK Version**\n\n| \n\n**9.7.x JDK Version** \n \n---|---|---|---|--- \nAIX64| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\n6.0.16.7\n\n| \n\n6.0.16.7 \n \nSUN SPARC 64| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nSUN AMD64/EM64T| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nHPIPF64| \n\n7.0.9.10\n\n| \n\n6.0.16.7\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nLinux IA32| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nLinux PPC64LE| \n\n7.1.3.10\n\n| \n\nN/A\n\n| \n\nN/A\n\n| \n\nN/A \n \nLinux PPC64 | \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nLinux S390 64-bit| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nLinux AMD64/EM64T| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\n6.0.16.7\n\n| \n\n6.0.16.7 \n \nWindows IA32| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nWindows x86-64| \n\n7.0.9.10\n\n| \n\n7.0.9.10\n\n| \n\nN/A\n\n| \n\n6.0.16.7 \n \nInspur K-UX| \n\n6.0.16.7\n\n| \n\nN/A\n\n| \n\nN/A\n\n| \n\nN/A \n \n \n**_Instruction for IBM JDK Installation on UNIX_** \n1) Create a new temporary JDK directory, i.e. jdk64, to store the extracted install files. \n \n2) Run the following command to extract all the files from the IBM JDK install image tar file into the temporary JDK directory created in step 1 above. \n\n\ntar -xvf <IBM JDK install image tar file> -C jdk64 \n3) Stop all DB2 instances for the installation. \n \n4) As root user, back up the original IBM JDK directory within DB2 installation path and create a new one. \n\n\nGo to the java sub-directory under <DB2 Installation Path>. \nE.g. \ncd /opt/IBM/db2/V10.1fp5/java \n \nBack up the original JDK directory <DB2 Installation Path>/java/jdk64 \nE.g. \nmv /opt/IBM/db2/V10.1fp5/java/jdk64 /opt/IBM/db2/V10.1fp5/java/jdk64_old \n \nCreate a new JDK directory under <DB2 Installation Path>/java/. \nE.g. 
\nmkdir /opt/IBM/db2/V10.1fp5/java/jdk64 \n5) As root user, copy the extracted files from the temporary JDK directory created in step 1 to the new JDK directory under <DB2 Installation Path>. E.g. \n\n \ncp -R <Temporary JDK directory>/* /opt/IBM/db2/V10.1fp5/java/jdk64/ \n \nAll the files in the <DB2 Installation Path>/java/jdk64 directory should have r-x permission. \n6) Change the group and owner of all the files in the new JDK directory to bin. \n\nE.g. \n \nchgrp -R bin /opt/IBM/db2/V10.1fp5/java/jdk64 \nchown -R bin /opt/IBM/db2/V10.1fp5/java/jdk64 \n**_Instruction for IBM JDK Installation on Windows_** \n1) Stop all DB2 instances. \n \n2) Go to the DB2 installation directory. \nE.g. \nC:\\Program Files (x86)\\IBM\\SQLLIB\\java\\jdk \n \nRename the following folders: \n\n\n * bin to bin_old\n * include to include_old\n * lib to lib_old\n * properties to properties_old\n * jre to jre_old\n \nThis might fail with a folder-in-use error. If that happens, try the following steps:\n * cd to the C:\\Program Files (x86)\\IBM\\SQLLIB\\java\\jdk\\jre folder \n * rename bin to bin_old\n * copy lib as lib_old\n * cd to the lib directory and delete all the files except the fonts folder (which might be held by the Windows svchost.exe process and so cannot be renamed)\n \n3) Unzip the new Java files and copy all the extracted Java files under the jdk directory. \n \n \nNotes: \n1) With this update, the metadata of the new JDK is not recorded with the installer. Hence, for a fix pack update in the same installation path, execution of the db2val utility (the tool that validates files laid down by the DB2 installer at the system, instance, or database level after a new installation) may fail. A fix pack update to a new installation path is not affected. \n \n2) Uninstall will not be able to remove the jdk64 and jdk64_old folders; the user will have to remove them manually. 
\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-16T13:36:32", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM\u00ae DB2\u00ae LUW (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-16T13:36:32", "id": "F9FFF1452D2A985801DD08F7813340BA467DEFAB87F21C48C63A7F54D115EA57", "href": "https://www.ibm.com/support/pages/node/267673", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:46:22", "description": "## Summary\n\nThe LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition. The IBM HTTP Server used by WebSphere Application Server is not affected. 
\n\n## Vulnerability Details\n\nPlease consult the security bulletin for [**Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000) **](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>)vulnerability details and information about fixes. \n \n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n\n## Affected Products and Versions\n\nAffected Product and Version(s)\n\n| Product and Version shipped as a component \n---|--- \nTivoli Network Manager 3.8| Bundled the TIP version 1.1.1.x, which bundles IBM WebSphere version 6.1.0.x. \nTivoli Network Manager 3.9| Bundled the TIP version 2.1.0.x, which bundles IBM WebSphere version 7.0.0.x. \nTivoli Network Manager 4.1 and 4.1.1| Bundled the TIP version 2.2.0.x, which bundles IBM WebSphere version 7.0.0.x. 
\n \n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T15:03:14", "type": "ibm", "title": "Security Bulletin:Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server shipped with Tivoli Network Manager IP Edition(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T15:03:14", "id": "74C99E404EC778BC955722CD059E14121139B2EDBB6E0975B91D29DE7ADAB2D9", "href": "https://www.ibm.com/support/pages/node/528525", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:48:00", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Content Collector for SAP Applications \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. 
An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Content Collector for SAP Applications V2.2 \n\nIBM Content Collector for SAP Applications V3.0\n\nIBM Content Collector for SAP Applications V4.0\n\n## Remediation/Fixes\n\nIBM provides patches for the affected version. Follow the installation instructions in the README files that is included in the patch. \n\n**_Product_**| **_VRMF_**| **_APAR_**| **_Remediation/First Fix_** \n---|---|---|--- \nIBM Content Collector for SAP Applications| 2.2.0| HE12345| Apply JRE Update 2.2.0.2-ICCSAP-Server-JRE-6.0.16.5, and 2.2.0.2-ICCSAP-Client-JRE-6.0.16.5, which are available from Fix Central \nFor the download details, see <http://www.ibm.com/support/docview.wss?uid=swg24040225>. \nIBM Content Collector for SAP Applications| 3.0.0| HE12346| Apply JRE Update 3.0.0.2-ICCSAP-Server-JRE-7.0.9.1, and 3.0.0.2-ICCSAP-Client-JRE-7.0.9.1, which are available from Fix Central \nFor the download details, see <http://www.ibm.com/support/docview.wss?uid=swg24040227>. \nIBM Content Collector for SAP Applications| 4.0.0| HE12347| Apply JRE Update 4.0.0.0-ICCSAP-Base-JRE-7.0.9.1, which is available from Fix Central \nFor the download details, see <http://www.ibm.com/support/docview.wss?uid=swg24040226>. \n \nYou should verify applying this configuration change does not cause any compatibility issues. 
If you change the default setting after applying the fix, you will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T12:11:37", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Content Collector for SAP Applications (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T12:11:37", "id": "61D792D53A68F5459B0E68AAA04ADB3AEF6062BD285A307E42C92DBECC437194", "href": "https://www.ibm.com/support/pages/node/530441", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:54:52", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cognos Controller\n\n## Vulnerability Details\n\n**CVEID:** 
[_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Cognos Controller 10.2.1 \n\nIBM Cognos Controller 10.2\n\nIBM Cognos Controller 10.1.1\n\nIBM Cognos Controller 10.1\n\nIBM Cognos Controller 8.5.1\n\nIBM Cognos Controller 8.5\n\n## Remediation/Fixes\n\n[IBM Cognos Controller 10.2.1 FP2 IF1](<http://www-01.ibm.com/support/docview.wss?uid=swg24041250>)\n\n[IBM Cognos Controller 10.2 FP1 IF3](<http://www-01.ibm.com/support/docview.wss?uid=swg24041249>)\n\n[IBM Cognos Controller 10.1.1 FP3 IF4](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Cognos&product=ibm/Information+Management/Cognos+8+Controller&release=10.1.1&platform=Windows+32-bit,+x86&function=fixId&fixids=10.1.1-BA-CNTRL-Win32-IF004>)\n\n[IBM Cognos Controller 10.1 IF5](<http://www-01.ibm.com/support/docview.wss?uid=swg24041247>)\n\n[IBM Cognos Controller 8.5.1 FP1 IF2](<http://www-01.ibm.com/support/docview.wss?uid=swg24041246>)\n\nUsers of IBM Cognos Controller 8.5 are advised to contact IBM Customer Support.\n\n## Workarounds and Mitigations\n\nThe DH cipher suites must be disabled using Cognos Configuration by performing the following actions: \n \n1) Start Cognos Configuration. 
\n \n2) Navigate to Security/Cryptography/Cognos \n \n3) Open the supported cipher suites selection dialog. \n \n4) Select all cipher suites that have DH in the the name and remove them from the Current Values List. Select OK to save the new list. \n \n5) Save and restart your service using Cognos Configuration. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the DH stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the DH stream cipher and take appropriate mitigation and remediation actions. \n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T22:37:47", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Controller (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T22:37:47", "id": "6049EAD994B493F1A6A1D367EAA1F0E54013DA9CB1563FAC9ED67C5E2642008F", "href": "https://www.ibm.com/support/pages/node/530095", 
"cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:54:29", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Cognos Metrics Manager. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\n * * IBM Cognos Metrics Manager 10.2.2\n * IBM Cognos Metrics Manager 10.2.1\n * IBM Cognos Metrics Manager 10.2\n * IBM Cognos Metrics Manager 10.1.1\n * IBM Cognos Metrics Manager 10.1\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. As the fix is in a shared component across the Business Intelligence portfolio, applying the BI Interim Fix will resolve the issue. Note that the prerequisites named in the links are also satisfied by an IBM Cognos Metrics Manager install of the same version. 
\n\n\n[IBM Cognos Business Intelligence 10.2.x Interim Fixes](<http://www-01.ibm.com/support/docview.wss?uid=swg24040519>)\n\n[IBM Cognos Business Intelligence 10.1.x Interim Fixes](<http://www-01.ibm.com/support/docview.wss?uid=swg24040520>)\n\n_For IBM Cognos Metrics Manager versions before 10.1, IBM recommends upgrading to a fixed, supported version/release/platform of the product_\n\n## Workarounds and Mitigations\n\nThe DH cipher suites must be disabled using Cognos Configuration by performing the following actions: \n \n1) Start Cognos Configuration. \n \n2) Navigate to Security/Cryptography/Cognos \n \n3) Open the supported cipher suites selection dialog. \n \n4) Select all cipher suites that have DH in the the name and remove them from the Current Values List. Select OK to save the new list. \n \n5) Save and restart your service using Cognos Configuration. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the DH stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the DH stream cipher and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T23:13:48", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Metrics Manager (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T23:13:48", "id": "42A08ACF820559CD46AD9183555EA45C8A00FF50E8C1680DAFAD61BCBF3B2E1C", "href": "https://www.ibm.com/support/pages/node/529275", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:49:07", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Rational Tau\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. 
Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\n4.3, 4.3.0.1, 4.3.0.2, 4.3.0.3, 4.3.0.4, 4.3.0.5, 4.3.0.6, 4.3.0.6 Interim Fix 1, 4.3.0.6 Interim Fix 2, 4.3.0.6 Interim Fix 3\n\n## Remediation/Fixes\n\nUpgrade to [Rational Tau Interim Fix 4 for 4.3.0.6](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FRational&product=ibm/Rational/IBM+Rational+Tau&release=4.3.0.6&platform=All>)\n\n## Workarounds and Mitigations\n\nNo workarounds\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-17T05:03:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Tau (CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-17T05:03:31", "id": "FE36F70B633D6B89B87EB57DF379F72D3D3FFDEBF84731993C6092A6C7F6143D", "href": "https://www.ibm.com/support/pages/node/529993", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:57:40", "description": "## Summary\n\nThe Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM\u00ae Support Assistant\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-4000_](<https://vulners.com/cve/CVE-2015-4000>)** \nDESCRIPTION:** The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as \"Logjam\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/103294_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103294>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Support Assistant Team Server version 5.0.0, 5.0.1, 5.0.1.1 and 5.0.2 \n\n## Remediation/Fixes\n\nnone \n\n## Workarounds and Mitigations\n\nThe Logjam attack which affects TLS connections using the Diffie-Hellman (DH) key exchange protocol may affect the IBM Support Assistant. The IBM WebSphere Application Server Liberty shipped with IBM Support Assistant has DH and DHE ciphers included in the \"STRONG\" or \"HIGH\", \"MEDIUM\" and \"LOW\" cipher lists. They also could be present if you have a \"CUSTOM\" list of ciphers. 
You will need to remove any of the ciphers that begin with SSL_* or TLS_* that also have DH or DHE in the Name from your IBM Support Assistant SSL configuration. This does NOT include ciphers that have ECDH or ECDHE in the Name, these are elliptic curve Diffie-Hellman ciphers and they are not affected. \n \nTo change the list of enabled ciphers: \n \n1\\. Open a command prompt, then change directory to the <isa_install>/ISA5/wlp/usr/servers/isa directory. \n2\\. Open the server.xml file with a text editor. \n3\\. Add the enabledCiphers attribute with the list of ciphers. \n\n * See [IBM SDK Cipher suites Knowledge Center](<https://www-01.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.71.doc/security-component/jsse2Docs/ciphersuites.html>) for more information on the IBM SDK Java Technology Edition ciphers that are supported \n * For additional details on how to change the configuration refer to the [Liberty Profile: SSL Configuration attributes Knowledge Center](<http://www-01.ibm.com/support/knowledgecenter/SSEQTP_8.5.5/com.ibm.websphere.wlp.iseries.doc/ae/rwlp_ssl.html?cp=SSEQTP_8.5.5%2F2-3-11-0-4-1-0-0>)\n \nRefer to the [_Security Bulletin for WebSphere Application Server Liberty Profile_](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) for additional details. \n \nYou should verify applying this configuration change does not cause any compatibility issues. Not disabling the DH or DHE stream ciphers will expose yourself to the Logjam attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the Diffie-Hellman key-exchange protocol used in TLS and take appropriate mitigation and remediation actions. 
\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-06-15T07:03:14", "type": "ibm", "title": "Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects\u00a0IBM Support Assistant Team Server \u00a0(CVE-2015-4000)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2018-06-15T07:03:14", "id": "BC7527238358BF4E08A4155A5CD1FC5BEDA3DEB84A8AE9C4D761327D80CE78E0", "href": "https://www.ibm.com/support/pages/node/528847", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:36:13", "description": "Check the version of openssl", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1072 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for 
openssl CESA-2015:1072 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882192\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:04:34 +0200 (Tue, 09 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1072 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the 
Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1072\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021157.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T18:38:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for MySQL (SUSE-SU-2015:1177-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850941", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850941", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850941\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 14:48:51 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for MySQL (SUSE-SU-2015:1177-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MySQL'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This MySQL update fixes the following security issue:\n\n * Logjam Attack: MySQL uses 512 bit DH groups in SSL connections.\n (bsc#934789)\n\n Security Issues:\n\n * CVE-2015-4000\");\n\n script_tag(name:\"affected\", value:\"MySQL on SUSE Linux Enterprise Server 11 SP2 LTSS, SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1177-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", 
re:\"ssh/login/release=(SLES11\\.0SP2|SLES11\\.0SP1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient15\", rpm:\"libmysqlclient15~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient_r15\", rpm:\"libmysqlclient_r15~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-Max\", rpm:\"mysql-Max~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-tools\", rpm:\"mysql-tools~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient15-32bit\", rpm:\"libmysqlclient15-32bit~5.0.96~0.8.8.2\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient15\", rpm:\"libmysqlclient15~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient_r15\", rpm:\"libmysqlclient_r15~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-Max\", rpm:\"mysql-Max~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-client\", 
rpm:\"mysql-client~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-tools\", rpm:\"mysql-tools~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysqlclient15-32bit\", rpm:\"libmysqlclient15-32bit~5.0.96~0.8.8.2\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2015-9048", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2015-9048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869559\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:24:56 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nss-util FEDORA-2015-9048\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9048\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159350.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.0.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T22:58:49", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-569)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120113", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120113\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:47 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-569)\");\n script_tag(name:\"insight\", value:\"A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000 )Please note that this update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. 
Future updates may raise this limit to 1024 bits.\");\n script_tag(name:\"solution\", value:\"Run yum update nss nss-util to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-569.html\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~1.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-pkcs11-devel\", 
rpm:\"nss-pkcs11-devel~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~3.71.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:08", "description": "Check the version of nss", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1185 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882209", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882209", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1185 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882209\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:32 +0200 (Fri, 26 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1185 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set\n of libraries designed to support cross-platform development of security-enabled\n client and server applications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1185\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021220.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, 
{"lastseen": "2019-05-29T18:36:58", "description": "Check the version of nss-util", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "CentOS Update for nss-util CESA-2015:1185 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882208", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss-util CESA-2015:1185 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882208\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:29 +0200 (Fri, 26 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss-util CESA-2015:1185 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss-util\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set\n of libraries designed to support cross-platform development of security-enabled\n client and server applications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss-util on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1185\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021219.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2015-9130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869416", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2015-9130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869416\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:54:27 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nss-util FEDORA-2015-9130\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 21\");\n script_tag(name:\"solution\", 
value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9130\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159313.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.0.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:01", "description": "Check the version of nss", "cvss3": {}, "published": "2015-06-24T00:00:00", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1185 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882207", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1185 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program 
is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882207\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-24 06:17:37 +0200 (Wed, 24 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1185 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of\n libraries designed to support cross-platform development of security-enabled\n client and server applications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. 
Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1185\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021222.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2015-9130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869362", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2015-9130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869362\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:41:38 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2015-9130\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-softokn'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nss-softokn on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9130\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159312.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.19.1~1.0.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-26T00:00:00", "type": "openvas", "title": "RedHat Update for nss RHSA-2015:1185-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871382", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871382", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2015:1185-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871382\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:08 +0200 (Fri, 26 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss RHSA-2015:1185-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1185-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00032.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n 
{\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2019-05-29T18:36:13", "description": "Oracle Linux Local Security Checks ELSA-2015-1185", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1185", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123090", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123090", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1185.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123090\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:14 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1185\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1185 - nss security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1185\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1185.html\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.0.1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el7_1\", 
rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~3.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.0.1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-09T00:00:00", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1072-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871364", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1072-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871364\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:01:02 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1072-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer 
(SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1072-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00008.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-02T18:46:11", "description": "This host is accepting ", "cvss3": {}, "published": "2015-05-22T00:00:00", "type": "openvas", "title": "SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2020-03-31T00:00:00", "id": "OPENVAS:1361412562310805188", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805188", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805188\");\n script_version(\"2020-03-31T06:57:15+0000\");\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-31 06:57:15 +0000 (Tue, 31 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-05-22 13:17:23 +0530 (Fri, 22 May 2015)\");\n script_name(\"SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SSL and TLS\");\n script_dependencies(\"secpod_ssl_ciphers.nasl\");\n script_mandatory_keys(\"secpod_ssl_ciphers/supported_ciphers\", \"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"https://weakdh.org\");\n script_xref(name:\"URL\", value:\"https://weakdh.org/imperfect-forward-secrecy.pdf\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2015/05/20/8\");\n script_xref(name:\"URL\", value:\"https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes\");\n\n script_tag(name:\"summary\", value:\"This host is accepting 'DHE_EXPORT' cipher suites\n and is prone to man in the middle attack.\");\n\n script_tag(name:\"vuldetect\", value:\"Check previous collected cipher suites saved in the KB.\");\n\n script_tag(name:\"insight\", value:\"Flaw is triggered 
when handling\n Diffie-Hellman key exchanges defined in the 'DHE_EXPORT' cipher suites.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a\n man-in-the-middle attacker to downgrade the security of a TLS session to\n 512-bit export-grade cryptography, which is significantly weaker, allowing\n the attacker to more easily break the encryption and monitor or tamper with\n the encrypted stream.\");\n\n script_tag(name:\"affected\", value:\"- Hosts accepting 'DHE_EXPORT' cipher suites\n\n - OpenSSL version before 1.0.2b and 1.0.1n\");\n\n script_tag(name:\"solution\", value:\"- Remove support for 'DHE_EXPORT' cipher\n suites from the service\n\n - If running OpenSSL updateto version 1.0.2b or 1.0.1n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"ssl_funcs.inc\");\n\ncipherText = \"'DHE_EXPORT' cipher suites\";\n\nif( ! port = tls_ssl_get_port() )\n exit( 0 );\n\nif( ! sup_ssl = get_kb_item( \"tls/supported/\" + port ) )\n exit( 0 );\n\nif( \"SSLv3\" >< sup_ssl ) {\n sslv3CipherList = get_kb_list( \"secpod_ssl_ciphers/sslv3/\" + port + \"/supported_ciphers\" );\n\n if( ! isnull( sslv3CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n sslv3CipherList = sort( sslv3CipherList );\n\n foreach sslv3Cipher( sslv3CipherList ) {\n if( sslv3Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n sslv3Vuln = TRUE;\n sslv3tmpReport += sslv3Cipher + '\\n';\n }\n }\n\n if( sslv3Vuln ) {\n report += cipherText +' accepted by this service via the SSLv3 protocol:\\n\\n' + sslv3tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.0\" >< sup_ssl ) {\n tlsv1_0CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1/\" + port + \"/supported_ciphers\" );\n\n if( ! 
isnull( tlsv1_0CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_0CipherList = sort( tlsv1_0CipherList );\n\n foreach tlsv1_0Cipher( tlsv1_0CipherList ) {\n if( tlsv1_0Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_0Vuln = TRUE;\n tlsv1_0tmpReport += tlsv1_0Cipher + '\\n';\n }\n }\n\n if( tlsv1_0Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.0 protocol:\\n\\n' + tlsv1_0tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.1\" >< sup_ssl ) {\n tlsv1_1CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1_1/\" + port + \"/supported_ciphers\" );\n\n if( ! isnull( tlsv1_1CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_1CipherList = sort( tlsv1_1CipherList );\n\n foreach tlsv1_1Cipher( tlsv1_1CipherList ) {\n if( tlsv1_1Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_1Vuln = TRUE;\n tlsv1_1tmpReport += tlsv1_1Cipher + '\\n';\n }\n }\n\n if( tlsv1_1Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.1 protocol:\\n\\n' + tlsv1_1tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.2\" >< sup_ssl ) {\n tlsv1_2CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1_2/\" + port + \"/supported_ciphers\" );\n\n if( ! 
isnull( tlsv1_2CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_2CipherList = sort( tlsv1_2CipherList );\n\n foreach tlsv1_2Cipher( tlsv1_2CipherList ) {\n if( tlsv1_2Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_2Vuln = TRUE;\n tlsv1_2tmpReport += tlsv1_2Cipher + '\\n';\n }\n }\n\n if( tlsv1_2Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.2 protocol:\\n\\n' + tlsv1_2tmpReport + '\\n';\n }\n }\n}\n\nif( report ) {\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Mageia Linux Local Security Checks mgasa-2015-0260", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0260", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310130117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130117", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0260.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
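The two checks that the scripts above encode are worth seeing side by side in plain code: the remote LogJam test (OPENVAS:1361412562310805188) flags any negotiated suite matching `^TLS_DHE?_.*_EXPORT_`, and the RHSA-2015:1072 / RHSA-2015:1185 text says the patched OpenSSL and NSS clients reject Diffie-Hellman groups below 768 bits. The following Python is an added example written for this page; it is not Greenbone's NASL code and not vendor code. It reimplements the suite filter (showing that `TLS_DH_*` non-ephemeral export suites are caught too, while `TLS_RSA_EXPORT_*` suites are not, since those belong to FREAK rather than Logjam), and it parses the `ServerDHParams` structure of a TLS ServerKeyExchange (RFC 5246 section 7.4.3) to measure the prime's bit length against the 768-bit vendor threshold and the 1024-bit minimum recommended at weakdh.org. The cipher list and the ServerKeyExchange bytes are constructed here for illustration; the 512-bit "prime" is an arbitrary odd value with its top bit set, not a real group.

```python
import re
import struct

# Same pattern as the NASL check: DH or DHE key exchange combined with an EXPORT-grade suite.
LOGJAM_SUITE_RE = re.compile(r"^TLS_DHE?_.*_EXPORT_")

# 768 is the floor the RHSA-2015:1072 / RHSA-2015:1185 updates enforce in the client;
# 1024 is the minimum weakdh.org recommends. Both are quoted from the page, not derived here.
MIN_DH_BITS_VENDOR_FIX = 768
MIN_DH_BITS_RECOMMENDED = 1024


def classify_cipher_suites(suites):
    """Split IANA suite names into (logjam_exposed, other_export, ok)."""
    logjam, other_export, ok = [], [], []
    for name in suites:
        if LOGJAM_SUITE_RE.match(name):
            logjam.append(name)
        elif "_EXPORT_" in name:
            other_export.append(name)  # e.g. RSA_EXPORT: weak, but a different downgrade (FREAK)
        else:
            ok.append(name)
    return logjam, other_export, ok


def parse_server_dh_params(body):
    """Parse ServerDHParams { opaque dh_p<1..2^16-1>; dh_g<1..2^16-1>; dh_Ys<1..2^16-1>; }.

    Returns (p, g, Ys, bytes_consumed). Raises ValueError on a zero or truncated field,
    which is the failure mode a hardened client must treat as a handshake error.
    """
    off, fields = 0, []
    for field in ("dh_p", "dh_g", "dh_Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated before {field} length")
        (length,) = struct.unpack_from("!H", body, off)
        off += 2
        if length == 0 or off + length > len(body):
            raise ValueError(f"bad {field} length {length}")
        fields.append(int.from_bytes(body[off:off + length], "big"))
        off += length
    return fields[0], fields[1], fields[2], off


def dh_prime_bits(body):
    """Bit length of dh_p in a ServerKeyExchange body (this is what the 768/1024 checks measure)."""
    p, _g, _ys, _n = parse_server_dh_params(body)
    return p.bit_length()


def judge_dh_group(body):
    """'reject' below the vendor-fix floor, 'weak' below the recommended floor, else 'ok'."""
    bits = dh_prime_bits(body)
    if bits < MIN_DH_BITS_VENDOR_FIX:
        return "reject"
    if bits < MIN_DH_BITS_RECOMMENDED:
        return "weak"
    return "ok"


def build_server_dh_params(p, g, ys):
    """Encode ServerDHParams; used only to construct the sample messages below."""
    out = b""
    for value in (p, g, ys):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out


# Constructed samples (not real groups): top bit set so the bit length is exactly what the name says.
SAMPLE_P_512 = (1 << 511) | 0x123456789ABCDEF1     # export-grade size Logjam downgrades to
SAMPLE_P_768 = (1 << 767) | 1                       # passes the vendor floor, fails the recommended one
SAMPLE_P_2048 = (1 << 2047) | 1                     # what a correctly configured server should send
SAMPLE_SKE_512 = build_server_dh_params(SAMPLE_P_512, 2, SAMPLE_P_512 - 3)
SAMPLE_SKE_768 = build_server_dh_params(SAMPLE_P_768, 2, 0xABCDEF)
SAMPLE_SKE_2048 = build_server_dh_params(SAMPLE_P_2048, 2, 12345)

# Constructed cipher list of the kind the secpod_ssl_ciphers.nasl dependency stores in the KB.
SAMPLE_SUITES = [
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    logjam, other, ok = classify_cipher_suites(SAMPLE_SUITES)
    print("Logjam-exposed suites:", logjam)
    print("Other export suites (FREAK, not Logjam):", other)
    for label, ske in (("512", SAMPLE_SKE_512), ("768", SAMPLE_SKE_768), ("2048", SAMPLE_SKE_2048)):
        print(f"ServerKeyExchange with {label}-bit p ->", dh_prime_bits(ske), "bits,", judge_dh_group(ske))
```

Removing the export suites from a server's configuration closes the downgrade, but it does not help a client talking to a server that legitimately offers a small non-export DH group; that is why the vendor fixes act on the client side by measuring `dh_p` as above and aborting the handshake, and why the server-side remediation is to regenerate a 2048-bit group rather than merely dropping `EXPORT` suites.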
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130117\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:55 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0260\");\n script_tag(name:\"insight\", value:\"The filezilla package has been updated to version 3.11.0.2, fixing multiple bugs and one security issue, related to the LOGJAM TLS issue when using FTP.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0260.html\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0260\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = 
isrpmvuln(pkg:\"filezilla\", rpm:\"filezilla~3.11.0.2~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-05-18T14:29:13", "description": "This update for nagios-nrpe fixes one issue. This security issue was fixed :\n\n - CVE-2015-4000: Prevent Logjam. 
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE (bsc#938906).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-06-21T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : nagios-nrpe (SUSE-SU-2018:1768-1) (Logjam)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nagios-nrpe", "p-cpe:/a:novell:suse_linux:nagios-nrpe-doc", "p-cpe:/a:novell:suse_linux:nagios-plugins-nrpe", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-1768-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110640", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1768-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110640);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"SUSE SLES11 Security Update : nagios-nrpe (SUSE-SU-2018:1768-1) (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"This update for nagios-nrpe fixes one issue. This security issue was\nfixed :\n\n - CVE-2015-4000: Prevent Logjam. The TLS protocol 1.2 and\n earlier, when a DHE_EXPORT ciphersuite is enabled on a\n server but not on a client, did not properly convey a\n DHE_EXPORT choice, which allowed man-in-the-middle\n attackers to conduct cipher-downgrade attacks by\n rewriting a ClientHello with DHE replaced by DHE_EXPORT\n and then rewriting a ServerHello with DHE_EXPORT\n replaced by DHE (bsc#938906).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=938906\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-4000/\");\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181768-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f7e072e6\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-nagios-nrpe-13667=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-nagios-nrpe-13667=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are 
available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nagios-nrpe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nagios-nrpe-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nagios-plugins-nrpe\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"nagios-nrpe-2.12-24.4.10.3.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"nagios-nrpe-doc-2.12-24.4.10.3.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"nagios-plugins-nrpe-2.12-24.4.10.3.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nagios-nrpe\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:29", "description": "A vulnerability has been found in nss.\n\nCVE-2015-4000\n\nWith TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the 'Logjam' issue.\n\nThe solution in nss was to not accept bit lengths less than 1024. 
This may potentially be a backwards incompatibility issue but such low bit lengths should not be in use so it was deemed acceptable.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 2:3.14.5-1+deb7u7.\n\nWe recommend that you upgrade your nss packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-06-08T00:00:00", "type": "nessus", "title": "Debian DLA-507-1 : nss security update (Logjam)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4000"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libnss3", "p-cpe:/a:debian:debian_linux:libnss3-1d", "p-cpe:/a:debian:debian_linux:libnss3-dbg", "p-cpe:/a:debian:debian_linux:libnss3-dev", "p-cpe:/a:debian:debian_linux:libnss3-tools", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-507.NASL", "href": "https://www.tenable.com/plugins/nessus/91505", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-507-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91505);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Debian DLA-507-1 : nss security update (Logjam)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability has been found in nss.\n\nCVE-2015-4000\n\nWith TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is\nenabled on a server but not on a client, does not properly convey a\nDHE_EXPORT choice, which allows man-in-the-middle attackers to conduct\ncipher-downgrade attacks by rewriting a ClientHello with DHE replaced\nby DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT\nreplaced by DHE, aka the 'Logjam' issue.\n\nThe solution in nss was to not accept bit lengths less than 1024. This\nmay potentially be a backwards incompatibility issue but such low bit\nlengths should not be in use so it was deemed acceptable.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2:3.14.5-1+deb7u7.\n\nWe recommend that you upgrade your nss packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2016/06/msg00006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/nss\