Vulnerability Description
The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Netezza Performance Portal | 2.0.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21665278Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90723
- http://www-01.ibm.com/support/docview.wss?uid=swg21665278Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90723
FAQ
What is CVE-2014-0848?
CVE-2014-0848 is a vulnerability with a CVSS score of 3.5 (LOW). The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it easier for remote att...
How severe is CVE-2014-0848?
CVE-2014-0848 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0848?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Netezza Performance Portal.