Cryptographic Weakness in IBM Data Risk Manager
CVE-2020-4614

3.7LOW

Key Information:

Vendor: IBM
Status: Data Risk Manager
Vendor: CVE Published:; 22 September 2020

Summary

IBM Data Risk Manager version 2.0.6 employs cryptographic algorithms that are weaker than industry standards, creating a potential risk for attackers to decrypt sensitive data. This vulnerability can compromise the confidentiality of critical information, posing significant security challenges for organizations utilizing this solution. Proper mitigation strategies and updates are essential to protect against potential exploitation.

Affected Version(s)

Data Risk Manager 2.0.6

References

https://www.ibm.com/support/pages/node/6335281

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/184927

vdb-entryx_refsource_XF

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 22, 2020
Vulnerability Reserved
Dec 30, 2019