PT-2016-4117 · Ibm · Aix+2

Published

2016-07-26

Updated

2021-08-31

CVE-2016-0266

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM AIX versions 5.3, 6.1, 7.1, and 7.2 VIOS version 2.2.x

Description The issue allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors because the software does not default to the latest TLS version. This makes it easier for remote attackers to use man-in-the-middle techniques.

Recommendations For IBM AIX versions 5.3, 6.1, 7.1, and 7.2, update the configuration to require the newest version of TLS by default. For VIOS version 2.2.x, update the configuration to require the newest version of TLS by default.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-254

Related Identifiers

CVE-2016-0266

Affected Products

Aix

Ibm Aix

Vios

PT-2016-4117 · Ibm · Aix+2

CVE-2016-0266

Weakness Enumeration

Related Identifiers

Affected Products

References · 12