• Description of Fix
  • IBM® Sterling Connect:Direct




    Date: 24.03.2021
    Fix Availability Date: 26 March 2015

    High Impact: N

    Reported Severity: 5
    4.7.0.3_iFix004: RTC462325 / APAR IT08243 / CVE-2015-2808, CVE-2011-3389

    Description of Issue: CBC ciphers are vulnerable to CVE-2011-3389 (BEAST Attack). Previous recommendation to mitigate CVE-2011-3389 was to not use CBC ciphers. RC4 ciphers are vulnerable to CVE-2015-2808 (Bar Mitzvah Attack). Current recommendation to mitigate CVE-2015-2808 is to discontinue use of RC4 ciphers. However, the remaining available ciphers are generally CBC ciphers.

    Description of Fix: Fixed code to mitigate CVE-2011-3389 (BEAST Attack).

    Recommendation: Sterling Connect:Direct for Microsoft Windows by default disables the RC4 stream cipher. If you enabled the RC4 stream cipher, you are exposed to the RC4 “Bar Mitzvah” Attack for SSL/TLS. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.
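
    One way to carry out the environment review described above, as an added example (not IBM's code and not part of the original fix list): a Python check that classifies configured cipher-suite names and maps them to the two CVEs named in this entry. The suite list, the protocol labels and the function names are assumptions made for the example; the BEAST flag is raised only when SSL 3.0 or TLS 1.0 is enabled, since CVE-2011-3389 does not apply to later protocol versions.

```python
import re

# Protocol labels below are this example's own (assumed) spelling.
BEAST_PROTOCOLS = {"SSLv3", "TLSv1.0"}   # CVE-2011-3389 applies to these only
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")


def classify(suite):
    """Classify an IANA or OpenSSL cipher-suite name by its bulk cipher."""
    tokens = re.split(r"[-_]", suite.upper())
    if "RC4" in tokens:
        return "rc4"
    if "NULL" in tokens:
        return "null"
    if any(t.startswith(AEAD_MARKERS) for t in tokens):
        return "aead"
    # OpenSSL-style names such as AES128-SHA omit "CBC", so any remaining
    # suite is treated as a CBC-mode block cipher.
    return "cbc"


def audit(suites, enabled_protocols):
    """Return (suite, cve) pairs for suites exposed to the two CVEs."""
    beast_possible = bool(BEAST_PROTOCOLS & set(enabled_protocols))
    findings = []
    for suite in suites:
        kind = classify(suite)
        if kind == "rc4":
            findings.append((suite, "CVE-2015-2808"))    # Bar Mitzvah
        elif kind == "cbc" and beast_possible:
            findings.append((suite, "CVE-2011-3389"))    # BEAST
    return findings


# Constructed sample configuration mixing IANA and OpenSSL naming styles.
SAMPLE_SUITES = [
    "TLS_RSA_WITH_RC4_128_SHA",
    "AES128-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DES-CBC3-SHA",
]

if __name__ == "__main__":
    for suite, cve in audit(SAMPLE_SUITES, ["TLSv1.0", "TLSv1.2"]):
        print(f"{suite}: {cve}")
```

    A CBC finding from this check marks an endpoint that still depends on an implementation-level BEAST mitigation such as the one this fix adds; an RC4 finding has no such mitigation and calls for disabling the suite.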






