Lucene search

K
nvd[email protected]NVD:CVE-2023-40696
HistoryMay 03, 2024 - 6:15 p.m.

CVE-2023-40696

2024-05-0318:15:09
CWE-327
web.nvd.nist.gov
1
ibm
cognos controller
cryptographic
vulnerability
10.4.1
10.4.2
11.0.0

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.9

Confidence

High

EPSS

0

Percentile

9.0%

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939.

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

5.9

Confidence

High

EPSS

0

Percentile

9.0%

Related for NVD:CVE-2023-40696