Описание
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:sterling_external_authentication_server:2.4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_secure_proxy:3.4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_secure_proxy:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_secure_proxy:6.0.2:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*
EPSS
Процентиль: 35%
0.00142
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.
EPSS
Процентиль: 35%
0.00142
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-327