CVE-2016-3019

Опубликовано: 07 июн. 2017

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg21988419
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98832
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038616
https://exchange.xforce.ibmcloud.com/vulnerabilities/114462
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21988419
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98832
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038616
https://exchange.xforce.ibmcloud.com/vulnerabilities/114462
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.0013

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-326

Связанные уязвимости

GHSA-wj23-cpp8-q2wc