Weak Cryptographic Algorithms in IBM Jazz Team Server
CVE-2020-4965

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Rational Doors Next Generation; Engineering Test Management; Rational Collaborative Lifecycle Management; Rational Engineering Lifecycle Manager
Vendor: CVE Published:; 12 April 2021

Summary

IBM Jazz Team Server products utilize cryptographic algorithms that do not meet sufficient security standards, potentially allowing attackers to decrypt sensitive information. This weakness poses significant risks for organizations relying on the integrity and confidentiality of their data. If exploited, it could lead to unauthorized access to critical information stored within the server, heightening the importance of transitioning to stronger cryptographic methods.

Affected Version(s)

Engineering Lifecycle Optimization 7.0

Engineering Lifecycle Optimization 7.0.1

Engineering Lifecycle Optimization 7.0.2

References

https://www.ibm.com/support/pages/node/6441803

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/192422

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 12, 2021
Vulnerability Reserved
Dec 30, 2019