Man-in-the-Middle Attack Vulnerability in IBM InfoSphere Optim Data Growth
CVE-2013-2953

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Optim Data Growth For Oracle E-business Suite
Vendor: CVE Published:; 27 May 2013

Summary

IBM InfoSphere Optim Data Growth for Oracle E-Business Suite versions 6.x, 7.x, and 9.x prior to 9.1.0.3 utilize the MD5 hashing algorithm for generating signatures in X.509 certificates. This reliance on an outdated and flawed hashing algorithm enables man-in-the-middle attackers to potentially spoof SSL servers by presenting a crafted certificate, compromising the integrity and confidentiality of the data transmitted.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21637444

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 27, 2013