2 matches found
CVE-2020-4778
IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...
CVE-2020-4778
CVE-2020-4778 affects IBM Cúram Social Program Management, with vulnerable tokens hashed using MD5 in 7.0.9 and 7.0.10. Root cause: MD5 hashing of a token in a single instance, weaker than SHA-256 currently used in the app. Impact described by IBM: CVSS base score 5.9; confidentiality impact high...