What is CVE-2015-0138?

CVE-2015-0138 is a vulnerability in Ibm Tivoli_directory_server, classified under Cryptographic Issues. Published 2015-03-25.

Is CVE-2015-0138 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Tivoli_directory_server

CVE-2015-0138

GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.009 (76.4th percentile) — read the EPSS interpretation.

Affected products

Ibm Tivoli_directory_server — versions 6.1.0, 6.1.0.0, 6.1.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

mawinkler/c1-ws-ansible

References

RHSA-2015:1007 (x_refsource_REDHAT, vendor-advisory)
73326 (vdb-entry, x_refsource_BID)
RHSA-2015:1006 (x_refsource_REDHAT, vendor-advisory)
RHSA-2015:1091 (x_refsource_REDHAT, vendor-advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
SUSE-SU-2015:1138 (vendor-advisory, x_refsource_SUSE)
RHSA-2015:1020 (x_refsource_REDHAT, vendor-advisory)
SUSE-SU-2015:1086 (vendor-advisory, x_refsource_SUSE)
SUSE-SU-2015:1085 (vendor-advisory, x_refsource_SUSE)

Frequently asked questions

What is CVE-2015-0138?: CVE-2015-0138 is a vulnerability in Ibm Tivoli_directory_server, classified under Cryptographic Issues. Published 2015-03-25.
Is CVE-2015-0138 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.