Lucene search
IBME8FF35BB00E771130F89C2474530709E8A51D2E493AB04EA5181E2C10C31FA15HistoryJun 16, 2018 - 2:20 p.m.
Security Bulletin: There is a weak ciphers vulnerability in IBM Streams
2018-06-1614:20:07
www.ibm.com
9
0.001 Low
EPSS
Percentile
44.5%
Summary
There is a vulnerability in IBM Streams where weak ciphers may be enabled when Transport Layer Security is enabled.
Vulnerability Details
CVEID: CVE-2017-1713**
DESCRIPTION:** IBM InfoSphere Streams uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/134632 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
- IBM Streams Version 4.2.1 release
Remediation/Fixes
NOTE: Fix Packs are available on IBM Fix Central.
To remediate/fix this issue, follow the instructions below:
- Version 4.2.x: Apply 4.2.1 Fix Pack 4 (4.2.1.4) or higher.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm streams | eq | 4.2.1 |
Related
cve
cve
CVE-2017-1713
2019-03-21 15:59:56
prion
prion
Code injection
2019-03-21 15:59:00
cvelist
cvelist
CVE-2017-1713
2018-05-02 00:00:00
nvd
nvd
CVE-2017-1713
2019-03-21 15:59:56
0.001 Low
EPSS
Percentile
44.5%
Related for E8FF35BB00E771130F89C2474530709E8A51D2E493AB04EA5181E2C10C31FA15