Lucene search

[email protected]CVE-2021-39076

HistoryApr 19, 2022 - 5:15 p.m.

CVE-2021-39076

2022-04-1917:15:00

CWE-327

[email protected]

web.nvd.nist.gov

ibm

security

guardium

cve

2021

39076

vulnerability

encryption

cryptographic

algorithm

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.5%

JSON

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 215585.

VendorProductVersionCPE
ibmsecurity_guardium10.5cpe:2.3:a:ibm:security_guardium:10.5:*:*:*:*:*:*:*
ibmsecurity_guardium11.3cpe:2.3:a:ibm:security_guardium:11.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_guardium	10.5	cpe:2.3:a:ibm:security_guardium:10.5:::::::*
ibm	security_guardium	11.3	cpe:2.3:a:ibm:security_guardium:11.3:::::::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/215585

www.ibm.com/support/pages/node/6572979

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

42.5%

JSON

Related for CVE-2021-39076

prion1 ibm1