Medium Severity

Security Bulletin: Lucky 13 Attack Vulnerability in IBM Cloud Pak for Data Streams

Share this post:

The Lucky Thirteen attack is a crystallographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation. An attacker could perform man in the middle attacks to successfully obtain plain text from the secure channel.

Affected product(s) and affected version(s):

IBM Cloud Pak for Data Streams 3.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6370035

More stories