Weak SSL and TLS Cipher Suite Vulnerability in IBM System X and Flex System Servers
CVE-2013-4030

Currently unrated

Key Information:

Vendor: IBM
Status: Integrated Management Module 2; Bladecenter; Flex System Manager Node 7955; Flex System Manager Node 8731
Vendor: CVE Published:; 21 January 2014

Summary

The Integrated Management Module (IMM) versions 1.00 through 2.00 on IBM System X and Flex System servers are susceptible to vulnerabilities arising from support for SSL cipher suites that utilize short keys. This weakness potentially enables remote attackers to conduct brute-force attacks on SSL and TLS traffic, thus undermining the cryptographic protections offered by these protocols. Organizations are advised to avoid using weak SSL/TLS configurations to enhance security and mitigate the risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/86068

vdb-entryx_refsource_XF

http://www.ibm.com/connections/blogs/PSIRT/entry/security...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 21, 2014
Vulnerability Reserved
Jun 7, 2013