Document ID: TEC1482344Last Modified Date: 6/10/2016Authored By: Aryne
Introduction:
The Logjam: TLS vulnerabilities (CVE-2015-4000) refer to situations where a remote user can exploit a flaw in the Java SE, JRockit, and Java SE Embedded SSL/TLS JSSE component to partially access and partially modify data [CVE-2015-4000].
Question:
Environment:
TIM on MTP (Any Version)
Answer:
MTP does not run Java in any of its processes. It is installed as a prerequisite but is not running and none of our code uses it. There are never any active Java processes in MTP, hence this vulnerability should not be a concern in this case.
Additional Information:
For detailed information about these vulnerabilities, please see Logjam: TLS vulnerabilities (CVE-2015-4000)
Search the Entire CA APM Knowledge Base