CVE-2022-22313

Опубликовано: 06 мая 2023

Источник: nvd

CVSS3: 4.4

CVSS3: 7.5

EPSS Низкий

Описание

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/217370
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6980797
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/217370
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6980797
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:qradar_data_synchronization:*:*:*:*:*:*:*:*

Версия от 1.0 (включая) до 3.1.0 (исключая)

EPSS

Процентиль: 9%

0.00033

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-w8g3-3xjr-4mq8

CVSS3: 4.4

github

почти 3 года назад

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370.

EPSS

Процентиль: 9%

0.00033

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327