CVE-2014-3051 Information

Description

The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28 7.3 before 7.3.0.1 IF30 and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers which allows man-in-the-middle attackers to spoof servers and obtain credential information via a crafted certificate.

Reference

http://secunia.com/advisories/59756 http://www-01.ibm.com/support/docview.wss?uid=swg21682290 https://exchange.xforce.ibmcloud.com/vulnerabilities/93444