Linux: MAC algorithms
This variable limits the types of MAC algorithms that SSH can use during communication. MD5 and 96-bit MAC algorithms are considered weak and have been shown to increase exploitability in SSH downgrade attacks. Weak algorithms continue to have a great deal of attention as a weak spot that can be...
IBM Security Identity Governance and Intelligence Information Disclosure Vulnerability (CNVD-2019-05515)
IBM Security Identity Governance and Intelligence (IGI) is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment and identity management. A security vulnerability exists in IBM Security IGI that ste...
Versa Networks: Passwords Stored Insecurely
In Versa Director, Versa Analytics and VOS, passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgard construction such as MD5 and SHA-1 alone are insufficient in thwarting password...
[SECURITY] Fedora 29 Update: bouncycastle-1.61-1.fc29
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8...
Code injection
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177...
CVE-2017-1695
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177...
CVE-2017-1695
Summary: CVE-2017-1695 affects IBM QRadar SIEM (QRadar/QRM/QVM/QRIF/QNI) 7.2.x and 7.3.x. It arises from using weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. The IBM bulletin lists affected versions (7.2.0–7.2.8 Patch 11; 7.3....
Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments allow legacy SSL/TLS protocols and ciphers to be used (CVE-2018-1545)
Summary: The IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage Manager for Virtual Environments) allow legacy SSL/TLS protocols and ciphers to be used. This can result in the use of weaker than expected cryptograph...
Security Bulletin: IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect for Virtual Environments allow Triple DES (3DES) ciphers to be used (CVE-2018-1785)
Summary: IBM Spectrum Protect (formerly Tivoli Storage Manager) and IBM Spectrum Protect for Virtual Environments allow Triple DES (3DES) ciphers to be used. This can result in the use of weaker than expected cryptographic algorithms. Vulnerability Details: CVEID: CVE-2018-1785 DESCRIPTION: IBM Tivoli...
Security Bulletin: IBM QRadar SIEM uses outdated hash algorithms. (CVE-2017-1695)
Summary The software uses an outdated or insecure cryptographic library or it is using a proprietary crypto standard which is likely to be vulnerable. Vulnerability Details CVEID: CVE-2017-1695 DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker...
CVE-2018-1751
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512...
Code injection
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512...
[SECURITY] Fedora 29 Update: openssl-1.1.1a-1.fc29
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
Security Bulletin: IBM API Connect is affected by multiple GSKit and OpenSSL vulnerabilities
Summary IBM API Connect has addressed multiple vulnerabilities in GSKit and OpenSSL. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to...
Security Bulletin: IBM MQ Appliance is affected by weak cryptographic algorithms (CVE-2018-1665)
Summary IBM MQ Appliance has addressed the following weak cryptographic algorithms vulnerability. Vulnerability Details CVEID: CVE-2018-1665 DESCRIPTION: IBM WebSphere DataPower Appliances uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...
Security Bulletin: Multiple vulnerabilities affect the GSKit component of IBM Tivoli Monitoring shipped with IBM Operations Analytics - Log Analysis
Summary: The following security issues have been identified in the GSKit component included as part of the IBM Tivoli Monitoring product. Vulnerability Details: CVEID: CVE-2018-1447 DESCRIPTION: The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of...
MD5 and SHA-1 Still Used in 2018
Last week, the Scientific Working Group on Digital Evidence published a draft document -- "SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital and Multimedia Forensics" -- where it accepts the use of MD5 and SHA-1 in digital forensics applications: While SWGDE promotes the adopti...
Code injection
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891...