Weak Cryptographic Algorithm in IBM Data Risk Manager
CVE-2021-38862

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
12 October 2021

Summary

IBM Data Risk Manager (iDNA) version 2.0.6 contains a vulnerability due to the use of cryptographic algorithms that are weaker than expected. This weakness may allow attackers to decrypt sensitive information, potentially leading to unauthorized access to confidential data. Organizations using this version should evaluate their risk exposure and consider immediate updates to strengthen data protection measures.

Affected Version(s)

Data Risk Manager 2.0.6

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.