CVE-2012-5770 | Vulnerability Database | Aqua Security

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack.

Affected Software

Name	Vendor	Start Version	End Version
Tivoli_application_dependency_discovery_manager	Ibm	7.2.0.0 (including)	7.2.0.0 (including)
Tivoli_application_dependency_discovery_manager	Ibm	7.2.1 (including)	7.2.1 (including)
Tivoli_application_dependency_discovery_manager	Ibm	7.2.1.3 (including)	7.2.1.3 (including)

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV32391
http://www-01.ibm.com/support/docview.wss?uid=swg21626029
https://exchange.xforce.ibmcloud.com/vulnerabilities/80354
http://www-01.ibm.com/support/docview.wss?uid=swg1IV32391
http://www-01.ibm.com/support/docview.wss?uid=swg21626029
https://exchange.xforce.ibmcloud.com/vulnerabilities/80354

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5770
CWE	https://cwe.mitre.org/data/definitions/16.html