CVE-2013-6329
Severity CVSS v4.0:
Pending analysis
Type:
CWE-310
Cryptographic Issues
Publication date:
17/12/2013
Last modified:
29/08/2017
Description
IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption of an SSLv2 session.
Impact
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:content_manager_ondemand_for_multiplatforms:8.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:content_manager_ondemand_for_multiplatforms:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:global_security_kit:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:security_access_manager_for_web:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:security_access_manager_for_web:6.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:security_access_manager_for_web:6.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:security_access_manager_for_web:7.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/56058
- http://www-01.ibm.com/support/docview.wss?uid=swg21659548
- http://www-01.ibm.com/support/docview.wss?uid=swg21659716
- http://www-01.ibm.com/support/docview.wss?uid=swg21659837
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88939