Tivoli Directory Server Security Vulnerabilities and Issues — Tivoli Directory Server CVE List

Lucene search

IbmTivoli Directory Server

5 matches found

CVE•added 2012/08/08 10:26 a.m.•75 views

CVE-2012-2191

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows remote attackers to ca...

5CVSS8.8AI score0.14145EPSS

CVE•added 2012/08/08 10:26 a.m.•48 views

CVE-2012-2203

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers vi...

7.5CVSS6.3AI score0.00962EPSS

CVE•added 2012/04/22 6:55 p.m.•46 views

CVE-2012-0726

The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.

6.4CVSS6.6AI score0.00519EPSS

CVE•added 2012/04/22 6:55 p.m.•40 views

CVE-2012-0740

Cross-site scripting (XSS) vulnerability in the Web Admin Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.22 and 6.3 before 6.3.0.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00478EPSS

CVE•added 2012/04/22 6:55 p.m.•34 views

CVE-2012-0743

IBM Tivoli Directory Server (TDS) 6.3 and earlier allows remote attackers to cause a denial of service (daemon crash) via a malformed LDAP paged search request.

5CVSS6.6AI score0.01342EPSS