CVE-2015-5012: The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not…

high7.5CVSS 3.0

AVNACLPRNUINSUCHINAN

The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
ibm	security_access_manager_9.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—
ibm	security_access_manager_for_web_8.0_firmware	—	—