Readmes are available
Fixes are available
APAR status
Closed as program error.
Error description
CVE-2016-2183 describes a confidentiality leak when Triple-DES (3DES) 64-bit block cipher is negotiated and used to transmit hundreds of gigabytes of information.
Local fix
Disable TLS1.0 and TLS1.1 via IV82451 or via the following configuration: KDEBE_TLSV10_CIPHER_SPECS="" KDEBE_TLSV11_CIPHER_SPECS="" OR keep TLS1.0 and TLS1.1 active and remove the unwanted 3DES ciphers with the following configuration: KDEBE_TLSV10_CIPHER_SPECS="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_ WITH_AES_256_CBC_SHA" KDEBE_TLSV11_CIPHER_SPECS="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_ WITH_AES_256_CBC_SHA"
Problem summary
CVE-2016-2183 describes a confidentiality leak when Triple-DES(3DES) 64-bit block cipher is negotiated and used to transmit hundreds of gigabytes of information.
Problem conclusion
Added code to remove the usage of the weak ciphers The fix for this APAR is contained in the following maintenance packages: | service pack | 6.3.0.7-TIV-ITM-SP0001
Temporary fix
Comments
APAR Information
APAR number
IV94012
Reported component name
TEMS
Reported component ID
5724C04MS
Reported release
630
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-03-09
Closed date
2018-07-27
Last modified date
2019-05-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TEMS
Fixed component ID
5724C04MS
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
08 March 2023