Weak SSL Cipher Vulnerability in IBM Tivoli Identity Manager and Security Identity Manager
CVE-2014-6112

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Security Identity Manager; Tivoli Identity Manager
Vendor: CVE Published:; 20 April 2018

Summary

The vulnerability in IBM Tivoli Identity Manager and Security Identity Manager stems from the support of weak SSL ciphers, which can be exploited by remote attackers to gain unauthorized access to sensitive information. This allows malicious entities to intercept and decrypt traffic, thereby compromising the integrity and confidentiality of user data. Upgrading to the latest versions minimizes exposure to such risks and enhances overall security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96184

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21698020

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 20, 2018
Vulnerability Reserved
Sep 2, 2014