Weak Cryptographic Algorithm in IBM Spectrum Copy Data Management Affects Sensitive Data Security
CVE-2021-38947

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Copy Data Management
Vendor: CVE Published:; 13 December 2021

What is CVE-2021-38947?

IBM Spectrum Copy Data Management versions 2.2.13 and earlier are impacted by a vulnerability due to the utilization of cryptographic algorithms that do not meet expected strength standards. This weakness could potentially allow attackers to access and decrypt sensitive data, posing a significant risk to data security. Organizations using affected versions should review their implementations and consider applying security patches to mitigate potential threats.

Affected Version(s)

Spectrum Copy Data Management 2.2.13

References

https://www.ibm.com/support/pages/node/6525554

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/211242

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 13, 2021
Vulnerability Reserved
Aug 16, 2021