HP SiteScope And HP Service Manager SSL/TLS RC4 Algorithm Information Disclosure Vulnerability
2015年7月21日
危険度: : 緊急
概要
The RC4 algorithm, as used in the TLS protocol and SSL protocol in HP SiteScope and HP Service Manager, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005641
Trend Micro Deep Security DPI Rule Name: 1005641 - Identified TLS/SSL RC4 Cipher Suite Is Being Supported
影響を受けるソフトウェア
- HP Service Manager
- HP SiteScope