CVE-2016-0266

Name of the Vulnerable Software and Affected Versions IBM AIX versions 5.3, 6.1, 7.1, and 7.2 VIOS version 2.2.x

Description The issue allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors because the software does not default to the latest TLS version. This makes it easier for remote attackers to use man-in-the-middle techniques.

Recommendations For IBM AIX versions 5.3, 6.1, 7.1, and 7.2, update the configuration to require the newest version of TLS by default. For VIOS version 2.2.x, update the configuration to require the newest version of TLS by default.