SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2023:4507-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4507-1 advisory. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly conv...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openjdk (SUSE-SU-2023:4506-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4506-1 advisory. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not...

SUSE SLES12 Security Update : nrpe (SUSE-SU-2023:0586-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0586-1 advisory. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a...

K16674: TLS vulnerability CVE-2015-4000

Security Advisory Description The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next Generation RDNG, Rational Engineering...

Security Bulletin: TLS Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam) vulnerability in IBM Cloud Pak for Data Streams

Summary The Transport Layer Security TLS protocol contains a flaw that is triggered when handling DiffieHellman key exchanges defined with the DHEEXPORT cipher. A man-in-the middle attacker may be able to downgrade the session to use EXPORTDHE cipher suites. Thus, it is recommended to remove...

Security Bulletin: IBM Spectrum Protect Plus vulnerable to Logjam (CVE-2015-4000)

Summary A port used by VADP is reported to be vulnerable to Logjam CVE-2015-4000. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Integrated Operations Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation for Integrated Operations Management. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attac...

Security Bulletin: Logjam vulnerability affect IBM Cloud Manager with Openstack (CVE-2015-4000)

Summary IBM Cloud Manager with Openstack is vulnerable to Logjam vulnerability, attackers could exploit them to obtain sensitive information Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failur...

Security Bulletin: Multiple vulnerabilities in the IBM Runtime Environments Java Technology Edition, Versions 6 and 7 in TPF Toolkit (CVE-2015-0204, CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-4000)

Summary Multiple security vulnerabilities exist in the IBM® Runtime Environments Java™ Technology Edition, Versions 6 and 7 that are shipped in TPF Toolkit. Vulnerability Details CVEID: CVE-2015-0204 DESCRIPTION: A vulnerability in the OpenSSL ssl3getkeyexchange function could allow a remote...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Tivoli System Automation for Multiplatforms (CVE-2015-4000, CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931, CVE-2015-4749)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 5 and 7 that is used by IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam Attack on TLS...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Monitoring (CVE-2015-4000)

Summary The Logjam vulnerability in TLS connections using the Diffie-Hellman DH key exchange protocol affects some components of IBM Tivoli Monitoring ITM. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, cause...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM WebSphere Application Server shipped with Tivoli Business Service Manager. IBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about th...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational RequisitePro (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Rational RequisitePro. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to proper...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Software Architect , Rational Software Architect for Websphere software and Rational Software Architect Real Time (CVE-2015-4000, CVE-2015-0488, CVE-2015-0478, CVE-2015-02

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by IBM Rational Software Architect , Rational Software Architect for Websphere software and Rational Software Architect Real Time. These issues were disclosed as part of...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol may affect IBM Sterling B2B Integrator and IBM Sterling File Gateway based on customer configuration and use. Vulnerability Details CVE ID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remo...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Command Center (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Cognos Command Center. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to proper...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Algo Credit Limits (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Algo Credit Limits. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Image Construction and CompositionTool. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Image Construction and Composition Tool. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the...