2 matches found
Security Bulletin: HAProxy vulnerability CVE-2019-11323 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
Summary HAProxy vulnerability CVE-2019-11323 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer...
CVE-2019-11323
HAProxy before 1.9.7 is vulnerable due to mishandling a reload with rotated keys, triggering the use of uninitialized, highly predictable HMAC keys in ssl_sock.h. This can lead to disclosure of HMAC keys. Public exploit details are not provided in the documents. The IBM Aspera IBM pages note fixe...