Weak Cipher Suite Vulnerability in IBM Netezza Performance Portal
CVE-2014-0848

Currently unrated

Key Information:

Vendor: IBM
Status: Netezza Performance Portal
Vendor: CVE Published:; 26 March 2014

Summary

The Apache HTTP Server component in IBM Netezza Performance Portal 2.0 prior to version 2.0.0.4 contains weak SSLCipherSuite configurations in the ssl.conf and httpd.conf files. This vulnerability allows remote attackers potentially to exploit these configurations, facilitating brute-force attacks against the cryptographic protection mechanisms. As a result, sensitive data could be compromised. It is essential for users of affected versions to implement security patches and update to the latest version to mitigate this risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90723

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21665278

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 26, 2014
Vulnerability Reserved
Jan 6, 2014