IBM001D1C3ED296A60B9A1F311511FF2817FA18B528677474EF1E873A52013473D2Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by Use of a Broken or Risky Cryptographic Algorithm vulenrability (CVE-2017-1598)
EPSS
Percentile
45.2%
Summary
IBM Security Guardium Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM Security Guardium Database Activity Monitor has fixed this vulenrability
Vulnerability Details
CVEID: CVE-2017-1598**
DESCRIPTION:** IBM Security Guardium Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132611 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
IBM Security Guardium Database Activity Monitor V10.0, 10.0.1, 10.1, 10.1.2, 10.1.3
Remediation/Fixes
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium Database Activity Monitor| 10.0-10.1.3| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p400_GPU_Dec-2017-V10.1.4&includeSupersedes=0&source=fc
Workarounds and Mitigations
None
Related
EPSS
Percentile
45.2%