Weaker Cryptographic Algorithms in IBM Security Access Manager Docker Releases Could Lead to Information Decryption

CVE-2023-38371

5.9MEDIUM

Key Information

Vendor: IBM
Status: Security Access Manager Docker
Vendor: Published:; 27 June 2024

Summary

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198.

Affected Version(s)

Security Access Manager Docker <= 10.0.7.1

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

HIGH

Integrity:

NONE

Availability:

NONE

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

Vulnerability published.
Jun 27, 2024
Vulnerability Reserved.
Jul 16, 2023

Collectors

NVD DatabaseMitre Database