Cryptographic Weakness in IBM Security Access Manager Appliance Products
CVE-2018-1814
5.9MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 13 December 2018
Summary
The IBM Security Access Manager Appliance versions 9.0.1.0 through 9.0.5.0 are impacted by a vulnerability that stems from the use of cryptographic algorithms that are weaker than anticipated. This vulnerability enables potential attackers to decrypt sensitive information, presenting significant security concerns for organizations relying on this product for safeguarding critical data assets. Users of the affected versions should review their configurations and consider immediate updates to protect against data breaches.
Affected Version(s)
Security Access Manager Appliance 9.0.1.0
Security Access Manager Appliance 9.0.2.0
Security Access Manager Appliance 9.0.3.0
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved