Lucene search

IbmCVE-2015-0138

HistoryMar 25, 2015 - 1:59 a.m.

CVE-2015-0138

2015-03-2501:59:17

CWE-310

ibm

web.nvd.nist.gov

ibm

itds

isds

vulnerability

cipher-downgrade

tls

freak

cve-2015-0138

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.949

Percentile

99.3%

JSON

GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the “FREAK” issue, a different vulnerability than CVE-2015-0204.

Affected configurations

Nvd

Node

ibmtivoli_directory_serverRange≤6.0.0.73

ibmtivoli_directory_serverMatch6.1.0

ibmtivoli_directory_serverMatch6.1.0.0

ibmtivoli_directory_serverMatch6.1.0.1

ibmtivoli_directory_serverMatch6.1.0.2

ibmtivoli_directory_serverMatch6.1.0.3

ibmtivoli_directory_serverMatch6.1.0.4

ibmtivoli_directory_serverMatch6.1.0.5

ibmtivoli_directory_serverMatch6.1.0.6

ibmtivoli_directory_serverMatch6.1.0.7

ibmtivoli_directory_serverMatch6.1.0.8

ibmtivoli_directory_serverMatch6.1.0.9

ibmtivoli_directory_serverMatch6.1.0.10

ibmtivoli_directory_serverMatch6.1.0.11

ibmtivoli_directory_serverMatch6.1.0.12

ibmtivoli_directory_serverMatch6.1.0.13

ibmtivoli_directory_serverMatch6.1.0.14

ibmtivoli_directory_serverMatch6.1.0.15

ibmtivoli_directory_serverMatch6.1.0.17

ibmtivoli_directory_serverMatch6.1.0.18

ibmtivoli_directory_serverMatch6.1.0.19

ibmtivoli_directory_serverMatch6.1.0.20

ibmtivoli_directory_serverMatch6.1.0.21

ibmtivoli_directory_serverMatch6.1.0.22

ibmtivoli_directory_serverMatch6.1.0.23

ibmtivoli_directory_serverMatch6.1.0.24

ibmtivoli_directory_serverMatch6.1.0.25

ibmtivoli_directory_serverMatch6.1.0.26

ibmtivoli_directory_serverMatch6.1.0.27

ibmtivoli_directory_serverMatch6.1.0.28

ibmtivoli_directory_serverMatch6.1.0.29

ibmtivoli_directory_serverMatch6.1.0.30

ibmtivoli_directory_serverMatch6.1.0.31

ibmtivoli_directory_serverMatch6.1.0.32

ibmtivoli_directory_serverMatch6.1.0.33

ibmtivoli_directory_serverMatch6.1.0.34

ibmtivoli_directory_serverMatch6.1.0.35

ibmtivoli_directory_serverMatch6.1.0.36

ibmtivoli_directory_serverMatch6.1.0.37

ibmtivoli_directory_serverMatch6.1.0.38

ibmtivoli_directory_serverMatch6.1.0.39

ibmtivoli_directory_serverMatch6.1.0.40

ibmtivoli_directory_serverMatch6.1.0.41

ibmtivoli_directory_serverMatch6.1.0.42

ibmtivoli_directory_serverMatch6.1.0.43

ibmtivoli_directory_serverMatch6.1.0.44

ibmtivoli_directory_serverMatch6.1.0.45

ibmtivoli_directory_serverMatch6.1.0.46

ibmtivoli_directory_serverMatch6.1.0.47

ibmtivoli_directory_serverMatch6.1.0.48

ibmtivoli_directory_serverMatch6.1.0.49

ibmtivoli_directory_serverMatch6.1.0.50

ibmtivoli_directory_serverMatch6.1.0.51

ibmtivoli_directory_serverMatch6.1.0.52

ibmtivoli_directory_serverMatch6.1.0.53

ibmtivoli_directory_serverMatch6.1.0.54

ibmtivoli_directory_serverMatch6.1.0.55

ibmtivoli_directory_serverMatch6.1.0.56

ibmtivoli_directory_serverMatch6.1.0.57

ibmtivoli_directory_serverMatch6.1.0.58

ibmtivoli_directory_serverMatch6.1.0.59

ibmtivoli_directory_serverMatch6.1.0.60

ibmtivoli_directory_serverMatch6.1.0.61

ibmtivoli_directory_serverMatch6.1.0.62

ibmtivoli_directory_serverMatch6.1.0.63

ibmtivoli_directory_serverMatch6.1.0.64

ibmtivoli_directory_serverMatch6.1.0.65

ibmtivoli_directory_serverMatch6.1.0.66

ibmtivoli_directory_serverMatch6.2.0.0

ibmtivoli_directory_serverMatch6.2.0.1

ibmtivoli_directory_serverMatch6.2.0.2

ibmtivoli_directory_serverMatch6.2.0.3

ibmtivoli_directory_serverMatch6.2.0.4

ibmtivoli_directory_serverMatch6.2.0.5

ibmtivoli_directory_serverMatch6.2.0.6

ibmtivoli_directory_serverMatch6.2.0.7

ibmtivoli_directory_serverMatch6.2.0.8

ibmtivoli_directory_serverMatch6.2.0.10

ibmtivoli_directory_serverMatch6.2.0.11

ibmtivoli_directory_serverMatch6.2.0.12

ibmtivoli_directory_serverMatch6.2.0.13

ibmtivoli_directory_serverMatch6.2.0.14

ibmtivoli_directory_serverMatch6.2.0.15

ibmtivoli_directory_serverMatch6.2.0.19

ibmtivoli_directory_serverMatch6.2.0.20

ibmtivoli_directory_serverMatch6.2.0.21

ibmtivoli_directory_serverMatch6.2.0.22

ibmtivoli_directory_serverMatch6.2.0.23

ibmtivoli_directory_serverMatch6.2.0.24

ibmtivoli_directory_serverMatch6.2.0.25

ibmtivoli_directory_serverMatch6.2.0.26

ibmtivoli_directory_serverMatch6.2.0.27

ibmtivoli_directory_serverMatch6.2.0.29

ibmtivoli_directory_serverMatch6.2.0.30

ibmtivoli_directory_serverMatch6.2.0.31

ibmtivoli_directory_serverMatch6.2.0.32

ibmtivoli_directory_serverMatch6.2.0.33

ibmtivoli_directory_serverMatch6.2.0.34

ibmtivoli_directory_serverMatch6.2.0.35

ibmtivoli_directory_serverMatch6.2.0.36

ibmtivoli_directory_serverMatch6.2.0.37

ibmtivoli_directory_serverMatch6.2.0.38

ibmtivoli_directory_serverMatch6.2.0.39

ibmtivoli_directory_serverMatch6.2.0.40

ibmtivoli_directory_serverMatch6.2.0.41

ibmtivoli_directory_serverMatch6.2.0.42

ibmtivoli_directory_serverMatch6.3.0.0

ibmtivoli_directory_serverMatch6.3.0.1

ibmtivoli_directory_serverMatch6.3.0.2

ibmtivoli_directory_serverMatch6.3.0.8

ibmtivoli_directory_serverMatch6.3.0.9

ibmtivoli_directory_serverMatch6.3.0.10

ibmtivoli_directory_serverMatch6.3.0.11

ibmtivoli_directory_serverMatch6.3.0.12

ibmtivoli_directory_serverMatch6.3.0.14

ibmtivoli_directory_serverMatch6.3.0.15

ibmtivoli_directory_serverMatch6.3.0.17

ibmtivoli_directory_serverMatch6.3.0.18

ibmtivoli_directory_serverMatch6.3.0.19

ibmtivoli_directory_serverMatch6.3.0.21

ibmtivoli_directory_serverMatch6.3.0.22

ibmtivoli_directory_serverMatch6.3.0.23

ibmtivoli_directory_serverMatch6.3.0.24

ibmtivoli_directory_serverMatch6.3.0.25

ibmtivoli_directory_serverMatch6.3.0.26

ibmtivoli_directory_serverMatch6.3.0.27

ibmtivoli_directory_serverMatch6.3.0.28

ibmtivoli_directory_serverMatch6.3.0.29

ibmtivoli_directory_serverMatch6.3.0.30

ibmtivoli_directory_serverMatch6.3.0.31

ibmtivoli_directory_serverMatch6.3.0.32

ibmtivoli_directory_serverMatch6.3.0.33

ibmtivoli_directory_serverMatch6.3.0.34

ibmtivoli_directory_serverMatch6.3.0.35

ibmtivoli_directory_serverMatch6.3.1.0

ibmtivoli_directory_serverMatch6.3.1.5

ibmtivoli_directory_serverMatch6.3.1.6

ibmtivoli_directory_serverMatch6.3.1.7

ibmtivoli_directory_serverMatch6.3.1.8

ibmtivoli_directory_serverMatch6.3.1.9

VendorProductVersionCPE
ibmtivoli_directory_server*cpe:2.3:a:ibm:tivoli_directory_server:*:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.0cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.1cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.2cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.3cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.4cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.5cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.6cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*
ibmtivoli_directory_server6.1.0.7cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_directory_server	*	cpe:2.3:a:ibm:tivoli_directory_server::::::::
ibm	tivoli_directory_server	6.1.0	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:::::::*
ibm	tivoli_directory_server	6.1.0.0	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:::::::*
ibm	tivoli_directory_server	6.1.0.1	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:::::::*
ibm	tivoli_directory_server	6.1.0.2	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:::::::*
ibm	tivoli_directory_server	6.1.0.3	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:::::::*
ibm	tivoli_directory_server	6.1.0.4	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:::::::*
ibm	tivoli_directory_server	6.1.0.5	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:::::::*
ibm	tivoli_directory_server	6.1.0.6	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:::::::*
ibm	tivoli_directory_server	6.1.0.7	cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:::::::*