SUSE CVE-2015-0138

🗓️ 15 Feb 2023 05:23:57Reported by Suse CVEType

CVE-2015-0138: GSKit in Tivoli Directory Server and Security Directory Server enables TLS state transitions, allowing EXPORT_RSA cipher downgrade.

Reporter	Title	Published	Views	Family All 222
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM® DB2® (CVE-2015-0138, CVE-2015-0159 and CVE-2014-6221)	16 Jun 201813:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Application Server (CVE-2015-2808)	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM Rational ClearCase (CVE-2015-0138)	10 Jul 201808:34	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability with RSA Export Keys may affect IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2015-0138)	16 Jun 201819:43	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository April 2015 CPU	15 Jun 201807:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability with RSA Export Keys may affect IBM WebSphere Application Server (CVE-2015-0138)	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator	17 Jun 201822:30	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote Server (CVE-2015-0138, CVE-2015-0159 and CVE-2014-6221)	15 Jun 201807:02	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Workload Deployer. (CVE-2015-2808, CVE-2015-1916, CVE-2015-0204, and CVE-2015-0138)	15 Jun 201807:03	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Desktop	11.3	any	java-1_6_0-ibm	1.6.0_sr16.4-0.3.1	java-1_6_0-ibm-1.6.0_sr16.4-0.3.1.noarch.rpm
SUSE Linux Enterprise Server	11.1	any	java-1_6_0-ibm	1.6.0_sr16.4-0.3.1	java-1_6_0-ibm-1.6.0_sr16.4-0.3.1.noarch.rpm
SUSE Linux Enterprise Server	11.2	any	java-1_6_0-ibm	1.6.0_sr16.4-0.3.1	java-1_6_0-ibm-1.6.0_sr16.4-0.3.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	java-1_6_0-ibm	1.6.0_sr16.4-0.3.1	java-1_6_0-ibm-1.6.0_sr16.4-0.3.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	11.3	any	java-1_6_0-ibm	1.6.0_sr16.4-0.3.1	java-1_6_0-ibm-1.6.0_sr16.4-0.3.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	java-1_6_0-ibm	1.6.0_sr16.4-15.1	java-1_6_0-ibm-1.6.0_sr16.4-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	java-1_6_0-ibm	1.6.0_sr16.4-15.1	java-1_6_0-ibm-1.6.0_sr16.4-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	java-1_6_0-ibm	1.6.0_sr16.4-15.1	java-1_6_0-ibm-1.6.0_sr16.4-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	java-1_6_0-ibm	1.6.0_sr16.4-15.1	java-1_6_0-ibm-1.6.0_sr16.4-15.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12	any	java-1_6_0-ibm	1.6.0_sr16.4-15.1	java-1_6_0-ibm-1.6.0_sr16.4-15.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2015-0138
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/952088
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001442.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001445.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001447.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001458.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001466.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2015-June/001469.html

29 Sep 2025 02:27Current

7.1High risk

Vulners AI Score7.1

CVSS 24.3

EPSS0.00921