IBM7145FFDA4C1C1490C96FB86B9F68103F1AA831639B2BB113AD300CBEA66A081BSecurity Bulletin: IBM MQ Appliance is affected by weak cryptographic algorithms (CVE-2018-1665)
0.001 Low
EPSS
Percentile
44.4%
Summary
IBM MQ Appliance has addressed the following weak cryptographic algorithms vulnerability.
Vulnerability Details
CVEID: CVE-2018-1665
DESCRIPTION: IBM WebSphere DataPower Appliances uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144891> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.10
IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Continuous delivery updates 9.0.1 and 9.0.5
IBM MQ Appliance 9.1 Long Term Support (LTS) Release
Maintenance level 9.1.0.0
Remediation/Fixes
IBM MQ Appliance 8.0
Apply fixpack 8.0.0.11 or later.
IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Apply 9.1.0.1 Long Term Support (LTS) Release , or 9.1.1 Continuous Delivery Release or later.
IBM MQ Appliance 9.1 Long Term Support (LTS) Release
Apply fixpack 9.1.0.1 or later.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm mq appliance | eq | any |
Related
0.001 Low
EPSS
Percentile
44.4%