PT-2018-8253 · Tibco · Tibco Datasynapse Gridserver Manager

Publicado

2018-05-01

Atualizado

2019-10-09

CVE-2017-5535

CVSS v3.1

6.8

Média

Vetor

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: TIBCO DataSynapse GridServer Manager versions up to and including 6.2.0

Description: The issue is related to the improper use of encryption mechanisms and the use of weak ciphers in the GridServer Broker, GridServer Driver, and GridServer Engine components. This could allow a malicious actor to compromise the traffic between any of the components.

Recommendations: For versions up to and including 6.2.0, update to a version that addresses the improper use of encryption mechanisms and the use of weak ciphers to prevent potential traffic compromise.

Correção

Inadequate Encryption Strength

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-326

Identificadores relacionados

CVE-2017-5535

Produtos afetados

Tibco Datasynapse Gridserver Manager

PT-2018-8253 · Tibco · Tibco Datasynapse Gridserver Manager

CVE-2017-5535

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3