Aug 25, 2020 8:00 pm EDT
Categorized: Medium Severity
Share this post:
Browser Exploit Against SSL/TLS (a.k.a. BEAST) vulnerability is observed. In TLS 1.0 and earlier, it is possible to predict the Initialization Vector (IV) of the block cipher encryption. This allows a man-in-the-middle attacker to guess the plaintext being encrypted. The affected products are in TLS 1.0 and earlier.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| TNPM Wireline | 1.4.0 |
| TNPM Wireline | 1.4.1 |
| TNPM Wireline | 1.4.2 |
| TNPM Wireline | 1.4.3 |
| TNPM Wireline | 1.4.4 |
| TNPM Wireline | 1.4.5 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6322533
from IBM Product Security Incident Response Team https://ift.tt/31v5tpI
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.