exploitDog

CVE-2014-0897

Опубликовано: 29 авг. 2014

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:flex_system_manager:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:flex_system_manager:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:flex_system_manager:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:flex_system_manager:1.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00093

Низкий

3.5 Low

CVSS2

Дефекты

CWE-310

Связанные уязвимости

GHSA-wqx6-r9qm-86q8

github

больше 3 лет назад

The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticated users to defeat cryptographic protection mechanisms via unspecified vectors.

EPSS

Процентиль: 27%

0.00093

Низкий

3.5 Low

CVSS2

Дефекты

CWE-310