Weak Cryptographic Algorithms in IBM Engineering Lifecycle Optimization - Publishing Affecting Security
CVE-2024-41763

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Engineering Lifecycle Optimization Publishing
Vendor: CVE Published:; 4 January 2025

Summary

The vulnerability associated with IBM Engineering Lifecycle Optimization - Publishing pertains to the use of cryptographic algorithms that do not meet current security standards. As a result, an attacker could potentially decrypt highly sensitive information, leading to unauthorized access and data breaches. This weakness emphasizes the critical need for updating and strengthening cryptographic practices in software development to safeguard user data and maintain security integrity.

Affected Version(s)

Engineering Lifecycle Optimization Publishing 7.0.2, 7.0.3

References

https://www.ibm.com/support/pages/node/7180204

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 4, 2025
Vulnerability Reserved
Jul 22, 2024

Collectors

NVD DatabaseMitre Database