Vulnerability in Ibm Integration_bus

CVE-2015-0118

IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distributed with MQ client JAR files that support only weak TLS ciphers, which might make it easier for remote attac…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.002 (43.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Integration_bus — versions 9.0, 9.0.0.1, 9.0.0.2
Ibm Websphere_message_broker — versions 7.0., 7.0.0.1, 7.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
IT05725 (vendor-advisory, x_refsource_AIXAPAR)