comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0.
References
Link | Resource |
---|---|
https://comforte.com/cve-2018-6653/ | Third Party Advisory |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03827en_us | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-03-01T00:00:00
Updated: 2018-03-05T06:57:01
Reserved: 2018-02-05T00:00:00
Link: CVE-2018-6653
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-01T00:29:00.207
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-6653
JSON object: View
Redhat Information
No data.
CWE