Cryptographic Vulnerability in IBM Tivoli Endpoint Manager
CVE-2017-1224

7.5HIGH

Key Information:

Vendor

IBM
Status
Bigfix Family
Vendor
CVE Published:
19 July 2017

What is CVE-2017-1224?

IBM Tivoli Endpoint Manager has been identified as using cryptographic algorithms that do not meet expected security standards, enabling potential attackers to decrypt sensitive information. This vulnerability arises from the reliance on weaker algorithms, which could expose confidential data to unauthorized access and compromise system integrity. Organizations utilizing this product should review their security protocols and consider implementing robust encryption practices to mitigate risks associated with this issue.

Affected Version(s)

BigFix family 9.2

BigFix family 9.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/123903
x_refsource_MISC
http://www.securityfocus.com/bid/99916
vdb-entryx_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg22005246
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2017-1224 : Cryptographic Vulnerability in IBM Tivoli Endpoint Manager