CVE-2018-1814

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Security Access Manager Appliance
Vendor: CVE Published:; 13 December 2018

Summary

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018.

Affected Version(s)

Security Access Manager Appliance 9.0.1.0

Security Access Manager Appliance 9.0.2.0

Security Access Manager Appliance 9.0.3.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/150018

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=ibm10787785

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 13, 2018
Vulnerability Reserved
Dec 13, 2017