QwikSec

Security Database

CVE

CWE

Training

CVE-2013-4062

Published: Sep 9, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof Jazz Team servers, obtain sensitive information, and modify the client-server data stream via a crafted certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www-01.ibm.com/support/docview.wss?uid=swg21648481

x_refsource_CONFIRM

policytester-cve20134062-jazz-ssl(86586)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.