Описание
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-0266
- https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory2.asc
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86116
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86117
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86118
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86119
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86120
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86132
- http://www.securityfocus.com/bid/92150
- http://www.securitytracker.com/id/1036467
Связанные уязвимости
CVSS3: 3.7
nvd
больше 9 лет назад
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.