Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0848

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2014-0848
Last Modified 26 Mar 2014 01:50:53
Published 26 Mar 2014 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-0848

Summary

The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

Vulnerable Systems

Application

  • Ibm Netezza Performance Portal 2.0.0.0

  • Ibm Netezza Performance Portal 2.0.0.1

  • Ibm Netezza Performance Portal 2.0.0.2

  • Ibm Netezza Performance Portal 2.0.0.3


References

XF - ibm-netezza-cve20140848-weak-sec(90723)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21665278


Last Updated: 27 May 2016 11:04:47