Nov 25, 2020 7:00 pm EST
Categorized: Low Severity
Share this post:
IBM Cloud Pak for Security (CP4S) uses weaker than expected cryptographic algorithms during negotiation, which could allow an attacker to decrypt sensitive information. TLS 1.0 and 1.1 is not disabled by default in CP4S 126.96.36.199.
Affected product(s) and affected version(s):
|Cloud Pak for Security (CP4S)
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6372532