Weak Encryption Algorithm in IBM Flex System Manager Affects Security
CVE-2014-0897

Currently unrated

Key Information:

Vendor: IBM
Status: Flex System Manager
Vendor: CVE Published:; 29 August 2014

What is CVE-2014-0897?

The Configuration Patterns component in IBM Flex System Manager versions 1.2.0.x through 1.3.1.x utilizes a weak algorithm during the encryption process in Chassis Management Module account creation. This weakness allows remote authenticated users to potentially compromise cryptographic protections through unspecified methods, highlighting a significant risk to sensitive account information.

References

http://www.ibm.com/support/entry/portal/docdisplay?lndoci...

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IT03824

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/91395

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2014
Vulnerability Reserved
Jan 6, 2014