exploitDog

CVE-2023-38371

Опубликовано: 27 июн. 2024

Источник: nvd

CVSS3: 5.9

CVSS3: 7.5

EPSS Низкий

Описание

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/261198
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7158790
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Nov/0
http://seclists.org/fulldisclosure/2024/Nov/1
https://exchange.xforce.ibmcloud.com/vulnerabilities/261198
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7158790
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:security_access_manager:*:*:*:*:*:*:*:*

Версия от 10.0.0.0 (включая) до 10.0.7.1 (включая)

EPSS

Процентиль: 21%

0.00065

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-7jwq-45p5-2xh3

CVSS3: 5.9

github

больше 1 года назад

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198.

EPSS

Процентиль: 21%

0.00065

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327