5 matches found
Security Bulletin: IBM Security Verify Information Queue uses a relatively weak cryptographic algorithm to protect application data (CVE-2021-20406)
Summary The cryptographic algorithm that IBM Security Verify Information Queue ISIQ uses to encrypt and decrypt application data has a JSON web token JWT signing key that is shorter than the recommended length. As of v10.0.0, ISIQ has doubled the length of its JWT signing key to be in compliance...
CVE-2021-20406
creationtimestamp| type| source ---|---|--- 2021-02-12 20:43:48+00:00| seen| https://t.me/cibsecurity/23551...
CVE-2021-20406
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184...
CVE-2021-20406
CVE-2021-20406 affects IBM Security Verify Information Queue (ISIQ) versions 1.0.6 and 1.0.7. The issue arises from using weaker than expected cryptographic algorithms to encrypt/decrypt application data, potentially enabling an attacker to decrypt highly sensitive information. IBM’s security bul...
CVE-2021-20406 IBM Security Verify Information Queue information disclosure
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184...