CVE-2015-5012

high

Description

The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21971422

http://www-01.ibm.com/support/docview.wss?uid=swg1IV78780

http://www-01.ibm.com/support/docview.wss?uid=swg1IV78768

Details

Source: Mitre, NVD

Published: 2016-02-15

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00278