Medium Severity

Security Bulletin: TLS Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam) vulnerability in IBM Cloud Pak for Data Streams

Share this post:

The Transport Layer Security (TLS) protocol contains a flaw that is triggered when handling DiffieHellman key exchanges defined with the DHE_EXPORT cipher. A man-in-the middle attacker may be able to downgrade the session to use EXPORT_DHE cipher suites. Thus, it is recommended to remove support for weak cipher suites.

Affected product(s) and affected version(s):

IBM Cloud Pak for Data Streams 3.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6370029

More stories