CVE-2017-1575

Опубликовано: 20 июл. 2018

Источник: nvd

CVSS3: 5.1

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032.

Ссылки

http://www.ibm.com/support/docview.wss?uid=ibm10716997
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104885
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/132032
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=ibm10716997
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104885
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/132032
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*

Версия от 2.2.0 (включая) до 2.2.6 (включая)

EPSS

Процентиль: 5%

0.00023

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-327

Связанные уязвимости

GHSA-92cp-f5fr-233x

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 5%

0.00023

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-327