CVE-2012-0726

Severity

64%

Complexity

99%

Confidentiality

81%

The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.

The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.

CVSS 2.0 Base Score 6.4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N).

Overview

First reported 12 years ago

2012-04-22 18:55:00

Last updated 7 years ago

2017-12-19 02:29:00

Affected Software

IBM Tivoli Directory Server 3.2.2

3.2.2

IBM Tivoli Directory Server 4.1

4.1

IBM Tivoli Directory Server 5.2.0

5.2.0

IBM Tivoli Directory Server 6.0

6.0

IBM Tivoli Directory Server 6.0.0

6.0.0

IBM Tivoli Directory Server 6.0.0.7

6.0.0.7

IBM Tivoli Directory Server 6.0.0.8

6.0.0.8

IBM Tivoli Directory Server 6.0.0.69

6.0.0.69

IBM Tivoli Directory Server 6.1.0

6.1.0

IBM Tivoli Directory Server 6.1.0.45

6.1.0.45

IBM Tivoli Directory Server 6.1.0.46

6.1.0.46

IBM Tivoli Directory Server 6.1.0.47

6.1.0.47

IBM Tivoli Directory Server 6.1.0.48

6.1.0.48

IBM Tivoli Directory Server 6.2.0

6.2.0

IBM Tivoli Directory Server 6.2.0.19

6.2.0.19

IBM Tivoli Directory Server 6.2.0.20

6.2.0.20

IBM Tivoli Directory Server 6.2.0.21

6.2.0.21

IBM Tivoli Directory Server 6.2.0.22

6.2.0.22

IBM Tivoli Directory Server

References

IO15761

IO16035

IO16036

53043

1026939

http://www-01.ibm.com/support/docview.wss?uid=swg21591272

tds-nullcipher-weak-security(74303)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.