Описание
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:ibm:watson_developer_cloud:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:bluemix:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00861
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
EPSS
Процентиль: 75%
0.00861
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-284