2 matches found
Security Bulletin: IBM Sterling Connect:Direct for OpenVMS. Unencrypted data transfers can occur even when SSL encryption is specified in the security configuration. (CVE-2013-4035)
Abstract Unencrypted data transfers can occur even when SSL encryption is specified in the security configuration. Content VULNERABILITY DETAILS: CVEID: CVE-2013-4035 DESCRIPTION: When Connect:Direct for OpenVMS is the server in a TCP/IP session, and the client requests an unencrypted session, C:...
CVE-2013-4035
CVE-2013-4035 affects IBM Sterling Connect:Direct for OpenVMS (versions 3.4.00, 3.4.01, 3.5.00, 3.6.0, 3.6.0.1). When the server is in a TCP/IP session and the client requests an unencrypted session, the product may allow an unencrypted session to proceed even if SSL is configured, exposing data....