Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Data Access Pack (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 can be configured for the IBM SPSS Data Access Pack. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

Security Bulletin: DH Key Exchange protocol vulnerability (“Logjam”) affects SPSS Data Access Pack

Summary TLS connections using Diffie-Hellman DH key exchange protocol affects IBM SPSS Data Accesss Pack 7.1.1. This attack has been referred to as "Logjam" in various sources. IBM SPSS Data Access Pack is a software component used by IBM SPSS Statistics and IBM SPSS Modeler. Vulnerability Detail...