Cryptographic Weakness in IBM Guardium Data Encryption Products
CVE-2021-20379

5.9MEDIUM

Key Information:

Vendor
IBM
Status
Guardium Data Encryption
Vendor
CVE Published:
7 July 2021

Summary

IBM Guardium Data Encryption versions 3.0.0.3 and 4.0.0.4 utilize cryptographic algorithms that are weaker than expected. This vulnerability could allow attackers to decrypt sensitive information, potentially leading to unauthorized access to critical data. Organizations using these versions should assess their exposure and apply necessary mitigations to secure their data.

Affected Version(s)

Guardium Data Encryption 3.0.0.2

Guardium Data Encryption 4.0.0.4

References

https://www.ibm.com/support/pages/node/6469407
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/195711
vdb-entryx_refsource_XF

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.