Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearQuest(CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Rational ClearQuest. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Service Tester (CVE-2015-4000, CVE-2015-0478, CVE-2015-1916).

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Service Tester. There are also multiple vulnerabilities in IBM SDK Java Technology Edition, Version 1.7 that is used by Rational Service Tester. These issues were disclosed as part of t...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational RequisitePro (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Rational RequisitePro. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to proper...

Security Bulletin: Vulnerability in Diffie-Hellman cipher affects Rational Insight (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Jazz Team Server and Cognos Business Intelligence Cognos BI shipped with Rational Insight. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker ...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Directory Server (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Directory Server. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to proper...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Directory Administrator (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Directory Administrator Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Proventia Network Active Bypass (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affect IBM Security Proventia Network Active Bypass Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the...

Security Bulletin: libssh2 vulnerability affects IBM Identity Security Governance (CVE-2016-0787)

Summary A libssh2 could provide weaker than expected security vulnerability affects IBM Identity Security Governance Vulnerability Details CVEID: CVE-2016-0787 DESCRIPTION: libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting i...

Security Bulletin: A vulnerability in libssh2 affects IBM Security Network Protection (CVE-2016-0787)

Summary The libssh2 packages provide a library that implements the SSHv2 protocol. A security vulnerability has been discovered in libssh2 used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2016-0787 DESCRIPTION: libssh2 could provide weaker than expected security, caused...

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM InfoSphere Guardium

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. OpenSSL is used by IBM InfoSphere Guardium. IBM InfoSphere Guardium has addressed the applicable...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM B2B Advanced Communications (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM B2B Advanced Communications. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tealeaf Customer Experience (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Tealeaf Customer Experience. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and in Diffie-Hellman ciphers affects IBM InfoSphere Information Server (CVE-2015-0478 CVE-2015-0488 CVE-2015-1916 CVE-2015-4000)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses the Logjam Attack on TLS connections...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM® DB2® LUW (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DB2 LUW. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a...

Security Bulletin: DH Key Exchange protocol vulnerability (“Logjam”) affects SPSS Data Access Pack

Summary TLS connections using Diffie-Hellman DH key exchange protocol affects IBM SPSS Data Accesss Pack 7.1.1. This attack has been referred to as "Logjam" in various sources. IBM SPSS Data Access Pack is a software component used by IBM SPSS Statistics and IBM SPSS Modeler. Vulnerability Detail...

Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Statistics (CVE-2015-4000)

Summary TLS connections using Diffie-Hellman DH key exchange protocol, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Statistics. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused...

Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Analytic Server (CVE-2015-4000)

Summary Vulnerabilities in SSL/TLS protocol during key exchange phase using Diffie-Hellman DH ciphersuite, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacke...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DB2 Recovery Expert for Linux, UNIX, and Windows Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, cause...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects DB2 QMF for Workstation (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects DB2 QMF for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a...