CVE-2012-0726

The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
ibmtivoli_directory_server
𝑥
≤ 6.3.0
ibmtivoli_directory_server
3.2.2
ibmtivoli_directory_server
4.1
ibmtivoli_directory_server
5.2.0
ibmtivoli_directory_server
6.0
ibmtivoli_directory_server
6.0.0
ibmtivoli_directory_server
6.0.0.7
ibmtivoli_directory_server
6.0.0.8
ibmtivoli_directory_server
6.0.0.69
ibmtivoli_directory_server
6.1.0
ibmtivoli_directory_server
6.1.0.45
ibmtivoli_directory_server
6.1.0.46
ibmtivoli_directory_server
6.1.0.47
ibmtivoli_directory_server
6.1.0.48
ibmtivoli_directory_server
6.2.0
ibmtivoli_directory_server
6.2.0.19
ibmtivoli_directory_server
6.2.0.20
ibmtivoli_directory_server
6.2.0.21
ibmtivoli_directory_server
6.2.0.22
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21591272
http://www.ibm.com/support/docview.wss?uid=swg1IO15761
http://www.ibm.com/support/docview.wss?uid=swg1IO16035
http://www.ibm.com/support/docview.wss?uid=swg1IO16036
http://www.securityfocus.com/bid/53043
http://www.securitytracker.com/id?1026939
https://exchange.xforce.ibmcloud.com/vulnerabilities/74303
http://www-01.ibm.com/support/docview.wss?uid=swg21591272
http://www.ibm.com/support/docview.wss?uid=swg1IO15761
http://www.ibm.com/support/docview.wss?uid=swg1IO16035
http://www.ibm.com/support/docview.wss?uid=swg1IO16036
http://www.securityfocus.com/bid/53043
http://www.securitytracker.com/id?1026939
https://exchange.xforce.ibmcloud.com/vulnerabilities/74303