Vulnerability in Ibm Java_sdk

CVE-2014-0878

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Ref…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.006 (68.6th percentile) — read the EPSS interpretation.

Affected products

Ibm Java_sdk — versions 6.0.0.0, 6.0.1.0, 6.0.2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

59022 (x_refsource_SECUNIA, third-party-advisory)
psirt@us.ibm.com (x_refsource_CONFIRM)
psirt@us.ibm.com (x_refsource_CONFIRM)
psirt@us.ibm.com (x_refsource_CONFIRM)
59058 (x_refsource_SECUNIA, third-party-advisory)
61264 (x_refsource_SECUNIA, third-party-advisory)
ibm-java-cve20140878-weak-sec(91084) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM)
psirt@us.ibm.com (x_refsource_CONFIRM)