X.509 Certificate Validation Bypass in Auto-Scaling Agent in IBM Bluemix
CVE-2016-0323 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors.
Learn more about our Cis Benchmark Audit For Ibm I.