CVE-2017-1571

Опубликовано: 22 мар. 2018

Источник: nvd

CVSS3: 5.1

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 131853.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22012948
Vendor Advisory
http://www.securityfocus.com/bid/103494
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/131853
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22012948
Vendor Advisory
http://www.securityfocus.com/bid/103494
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/131853
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00031

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-327

Связанные уязвимости

GHSA-26qg-4hpq-vwx9

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 7%

0.00031

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-327