Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM21D60E72AA46EFD1CA9719454AC3CCE1CCBFE7F399A1618CEDDF1A95FD03AF0D
HistoryNov 10, 2020 - 6:20 p.m.

Security Bulletin: A vulnerability in SSL implementation affects IBM SPSS Statistics Server

2020-11-1018:20:12
www.ibm.com
17

0.598 Medium

EPSS

Percentile

97.8%

JSON

Summary

Client initiated Renegotiation could lead to weak encrypted communication, therefore client initiated renegotiation should be disabled.

Vulnerability Details

CVEID:CVE-2011-1473
**DESCRIPTION:**Multiple implementations of the Transport Layer Security (TLS) protocol, including SSL, are vulnerable to a denial of service. By initiating multiple SSL renegotiation handshakes or by initiating many SSL connections, a remote attacker could exploit this vulnerability to utilize CPU resources.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/71068 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Affected Product(s) Version(s)
SPSS Statistics Server 27.0

Remediation/Fixes

Affected Product(s) Version(s) Fix
SPSS Statistics Server 27.0 Upgrade to Ver 27.0.1

To download IBM SPSS Statistics 27.0.1, sign into IBM Passport Advantage Online (PAO) website. Note, you must be an authorized user from your company to sign in.
Enter “SPSS Statistics Server 27.0.1” text string for search by Product name.

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm spss statisticseq27.0

Related

nessus 9
kitploit 1
cve 2
f5 2
ubuntucve 2
prion 2
cvelist 2
nvd 2
openvas 3
ibm 1
securityvulns 4
nessus
nessus
Juniper Junos SSL/TLS Renegotiation DoS (JSA10580)
2013-07-16 00:00:00
SSL / TLS Renegotiation DoS
2011-05-04 00:00:00
Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280)
2019-05-23 00:00:00
kitploit
kitploit
Pentmenu - A simple Bash Script for Recon and DOS Attacks
2016-08-14 14:30:00
cve
cve
CVE-2011-5094
2022-10-03 16:15:12
CVE-2011-1473
2012-06-16 21:55:02
f5
f5
K15278 : SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
SOL15278 - SSL renegotiation vulnerability CVE-2011-1473
2014-06-19 00:00:00
ubuntucve
ubuntucve
CVE-2011-5094
2012-06-16 00:00:00
CVE-2011-1473
2012-06-16 00:00:00
prion
prion
Design/Logic Flaw
2012-06-16 21:55:00
Design/Logic Flaw
2012-06-16 21:55:00
cvelist
cvelist
CVE-2011-5094
2022-10-03 16:15:12
CVE-2011-1473
2012-06-16 21:00:00
nvd
nvd
CVE-2011-5094
2012-06-16 21:55:02
CVE-2011-1473
2012-06-16 21:55:02
openvas
openvas
SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
2021-10-29 00:00:00
Sophos XG Firewall < 16.05.5 MR5 Multiple Vulnerabilities
2017-06-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0469-1)
2021-06-09 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in TLS in Cloud Pak for Automation
2020-01-06 16:35:53
securityvulns
securityvulns
ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities
2014-04-07 00:00:00
RSA BSAFE multiple security vulnerabilities
2014-04-07 00:00:00
HP Onboard Administrator multiple security vulnerabilities
2012-06-17 00:00:00

0.598 Medium

EPSS

Percentile

97.8%

JSON
Related for 21D60E72AA46EFD1CA9719454AC3CCE1CCBFE7F399A1618CEDDF1A95FD03AF0D
nessus9kitploit1cve2f52ubuntucve2prion2cvelist2nvd2openvas3ibm1securityvulns4