Vulnerability Name: CVE-2013-6329 (CCN-88939) Assigned: 2013-12-10 Published: 2013-12-10 Updated: 2017-08-29 Summary: IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption of an SSLv2 session. CVSS v3 Severity: 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C 5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
Vulnerability Type: CWE-310 Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2013-6329 IBM Content Manager OnDemand GSKit SSLv2 Session Resuming Denial of Service Vulnerability IBM Tivoli Access Manager for e-business / Security Access Manager for Web GSKit Vulnerability IBM HTTP Server GSKit SSLv2 Session Resuming Denial of Service Vulnerability 56058 IBM Informix Products GSKit SSLv2 Session Resuming Denial of Service Vulnerability IBM TXSeries for Multiplatforms GSKit SSLv2 Session Resuming Denial of Service Vulnerability IBM Global Security ToolKit SSLv2 Session Resuming Denial of Service Vulnerability IBM Tivoli Netcool/OMNIbus Global Security Toolkit Two Denial of Service Vulnerabilities Potential Denial of service vulnerability in IBM HTTP Server (CVE-2013-6329) http://www-01.ibm.com/support/docview.wss?uid=swg21659548 CM OnDemand GSKit SSLV2 Resuming SSLV3 Vulnerability (CVE-2013-6329) http://www-01.ibm.com/support/docview.wss?uid=swg21659716 GSKit SSL negotiation vulnerability in Tivoli Access Manager for e-business (CVE-2013-6329) http://www-01.ibm.com/support/docview.wss?uid=swg21659837 IBM Rational ClearCase CCRC WAN Server remote denial of service (CVE-2013-6329) GSKit SSL negotiation vulnerability in TPM for OS Deployment and TPM for Images (CVE-2013-6329) Tivoli Netcool/OMNIbus Web GUI can be affected by a vulnerability in the IBM GSKit library (CVE-2013-6329) GSKit SSL negotiation vulnerability in Tivoli Directory Server (CVE-2013-6329) TXSeries for Multiplatforms V7.1 : Security vulnerability in using GSKit 8 version with IBM TXSeries for Multiplatforms Version 7.1 (CVE-2013-6329) Tivoli Netcool/OMNIbus can be affected by vulnerabilities in the IBM GSKit library http://www-01.ibm.com/support/docview.wss?uid=swg21669554 http://www-01.ibm.com/support/docview.wss?uid=swg21676091 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 Potential SSL/TLS-related denial of service vulnerability in IBM Informix Client SDK (CVE-2013-6329) GSKit certificate chain vulnerability in IBM Security Directory Server and Tivoli Directory Server (CVE-2013-6747) Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.2 Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.33 Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9 Potential Security Vulnerability in IBM Tivoli Monitoring GSKit (CVE-2014-6747, CVE-2013-6329, CVE-2014-0169) Ephemeral RSA Vulnerability in Communications Server for Data Center Deployment, Communications Server for AIX, Communications Server for Linux, Communications Server for Linux on System z, Communications Server for Windows (CVE-2015-0 Content Manager OnDemand for Multiplatform SSLv2 Session Resumption Handling Remote DoS IBM Global Security Kit CVE-2013-6329 Remote Denial of Service Vulnerability ibm-gskit-cve20136329-dos(88939) ibm-gskit-cve20136329-dos(88939) Vulnerable Configuration: Configuration 1 :cpe:/a:ibm:content_manager_ondemand_for_multiplatforms:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:content_manager_ondemand_for_multiplatforms:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:global_security_kit:-:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.0:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.1:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.1.1:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:* Configuration CCN 1 :cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_clearcase:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_netcool/omnibus:7.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_directory_server:-:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:* OR cpe:/a:ibm:content_manager_ondemand_for_multiplatforms:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:content_manager_ondemand_for_multiplatforms:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_netcool/omnibus:7.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_netcool/omnibus:7.4.0:*:*:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.0:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.1:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:6.1.1:*:web:*:*:*:*:* OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:* OR cpe:/a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_directory_server:6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_directory_server:6.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_directory_server:6.3:*:*:*:*:*:*:* OR cpe:/a:ibm:security_directory_server:6.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:* BACK
ibm content manager ondemand for multiplatforms 8.5
ibm content manager ondemand for multiplatforms 9.0
ibm global security kit -
ibm security access manager for web 6.0
ibm security access manager for web 6.1
ibm security access manager for web 6.1.1
ibm security access manager for web 7.0
ibm websphere application server 6.1
ibm http server 6.1
ibm rational clearcase 7.0
ibm websphere application server 7.0
ibm rational clearcase 7.1
ibm http server 7.0
ibm tivoli netcool/omnibus 7.3.0
ibm websphere application server 8.0
ibm tivoli directory server -
ibm websphere application server 8.5
ibm http server 8.0
ibm http server 8.5
ibm websphere application server 8.5.5
ibm content manager ondemand for multiplatforms 8.5
ibm content manager ondemand for multiplatforms 9.0
ibm tivoli netcool/omnibus 7.3.1
ibm tivoli netcool/omnibus 7.4.0
ibm security access manager for web 6.0
ibm security access manager for web 6.1
ibm security access manager for web 6.1.1
ibm security access manager 7.0
ibm rational clearcase 8.0
ibm security directory server 6.1
ibm security directory server 6.2
ibm security directory server 6.3
ibm security directory server 6.3.1
ibm tivoli monitoring 6.2.2
ibm tivoli monitoring 6.2.3
ibm tivoli monitoring 6.3.0
ibm tivoli monitoring 6.2.0
ibm tivoli monitoring 6.2.1
Denotes that component is vulnerable