Weak Cryptographic Algorithms in IBM Spectrum Scale Affecting Sensitive Data
CVE-2022-22368

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Scale
Vendor: CVE Published:; 3 May 2022

What is CVE-2022-22368?

IBM Spectrum Scale versions 5.1.0 through 5.1.3.0 are impacted by vulnerabilities due to the use of cryptographic algorithms that fail to meet adequate security standards. This weakness allows potential attackers to exploit the system, granting them the ability to decrypt sensitive data that should be securely protected. Organizations utilizing this product are encouraged to evaluate their systems and apply necessary updates to mitigate risk.

Affected Version(s)

Spectrum Scale 5.1.0

Spectrum Scale 5.1.3.0

References

https://www.ibm.com/support/pages/node/6579139

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/221012

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 3, 2022
Vulnerability Reserved
Jan 3, 2022