3 matches found
CVE-2020-4624
IBM Cloud Pak for Security 1.3.0.1 CP4S uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information...
CVE-2020-4624
CVE-2020-4624 affects IBM Cloud Pak for Security (CP4S) 1.3.0.1, where negotiation uses weaker cryptographic algorithms (e.g., TLS 1.0/1.1 not disabled by default), potentially allowing an attacker to decrypt sensitive information. Remediation: upgrade to CP4S v1.4.0.0 as documented by IBM.
Security Bulletin: IBM Cloud Pak for Security (CP4S) uses weaker than expected cryptographic algorithms (CVE-2020-4624)
Summary IBM Cloud Pak for Security CP4S uses weaker than expected cryptographic algorithms during negotiation, which could allow an attacker to decrypt sensitive information. TLS 1.0 and 1.1 is not disabled by default in CP4S 1.3.0.1. Vulnerability Details CVEID: CVE-2020-4624 DESCRIPTION: IBM...