Weaker Cryptographic Algorithms in IBM Cognos Controller Could Lead to Information Decryption
CVE-2023-40696
5.9MEDIUM
Summary
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939.
Affected Version(s)
Cognos Controller = 10.4.1, 10.4.2, 11.0.0
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Risk change from: null to: 5.9 - (MEDIUM)
Vulnerability published.
Collectors
NVD DatabaseMitre Database