Vulnerability in Ibm Content_manager_ondemand_for_multiplatforms
CVE-2013-6329
IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption of an SSLv2 session.
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.024 (85.5th percentile) — read the EPSS interpretation.
Affected products
- Ibm Content_manager_ondemand_for_multiplatforms — versions 8.5, 9.0
- Ibm Global_security_kit
- Ibm Security_access_manager_for_web — versions 6.0, 6.1, 6.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- 56058 (x_refsource_SECUNIA, third-party-advisory)
- psirt@us.ibm.com (x_refsource_CONFIRM)
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- ibm-gskit-cve20136329-dos(88939) (vdb-entry, x_refsource_XF)
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (x_refsource_CONFIRM)