Password Storage Vulnerability in IBM Endpoint Manager and Tivoli Remote Control
CVE-2013-5461
8.8HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 27 April 2018
Summary
The vulnerability in IBM Endpoint Manager for Remote Control and Tivoli Remote Control arises from the insecure storage of multiple hashes of partial passwords. This design flaw enables remote attackers to exploit access to these hashes, facilitating the decryption of passwords and potentially compromising sensitive information. Organizations using these products need to implement stronger password storage mechanisms to mitigate the risk of unauthorized access.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved