Cryptographic Weakness in IBM Security Access Manager Appliance Products
CVE-2018-1814

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
13 December 2018

Summary

The IBM Security Access Manager Appliance versions 9.0.1.0 through 9.0.5.0 are impacted by a vulnerability that stems from the use of cryptographic algorithms that are weaker than anticipated. This vulnerability enables potential attackers to decrypt sensitive information, presenting significant security concerns for organizations relying on this product for safeguarding critical data assets. Users of the affected versions should review their configurations and consider immediate updates to protect against data breaches.

Affected Version(s)

Security Access Manager Appliance 9.0.1.0

Security Access Manager Appliance 9.0.2.0

Security Access Manager Appliance 9.0.3.0

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.