Описание
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:security_access_manager_for_web:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00264
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.
EPSS
Процентиль: 50%
0.00264
Низкий
5 Medium
CVSS2
Дефекты
CWE-200