映射到 CWE-310,CWE-312,CWE-326 的搜索结果 (1813)
[原文]IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt traffic by leveraging a weakness in its encryption protocol. IBM X-Force ID: 105197.
[原文]In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.
[原文]NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
[原文]The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 22.214.171.124, and 8.0.1.x before 126.96.36.199 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate. IBM X-Force ID: 106715.
[原文]Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information.
[原文]Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.