HP SiteScope And HP Service Manager SSL/TLS RC4 Algorithm Information Disclosure Vulnerability
Gravité: : Critique
Date du conseil: 21 juillet 2015
Description
The RC4 algorithm, as used in the TLS protocol and SSL protocol in HP SiteScope and HP Service Manager, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1005641
Trend Micro Deep Security DPI Rule Name: 1005641 - Identified TLS/SSL RC4 Cipher Suite Is Being Supported
Affected software and version:
- HP Service Manager
- HP SiteScope