IBM Safter Payments information disclosure
CVE-2023-27557

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Safer Payments
Vendor: CVE Published:; 28 April 2023

Summary

IBM Counter Fraud Management for Safer Payments versions 6.1.0.00 to 6.5.0.00 utilize cryptographic algorithms that do not meet security expectations. This vulnerability may enable unauthorized decryption of sensitive information, leading to potential data breaches and alarming exposure of confidential data. Organizations using this software are encouraged to evaluate their exposure and implement appropriate security measures.

Affected Version(s)

Safer Payments 6.1.0.00 <= 6.1.1.02

Safer Payments 6.2.0.00 <= 6.2.2.02

Safer Payments 6.3.0.00 <= 6.3.1.02

References

https://www.ibm.com/support/pages/node/6985603

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/249192

vdb-entry

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Mar 2, 2023