CVE-2020-7339 Database Security(DBS)-Use of a Broken or Risky Cryptographic Algorithm

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVE-2020-7339

CVE-2020-7339 affects McAfee Database Security Server and Sensor prior to version 4.8.0. The vulnerability stems from the use of SHA-1 signed certificates, enabling an attacker on the same local network to potentially intercept communication between the Server and Sensors. Publicly available conn...

CVE-2020-4624

IBM Cloud Pak for Security 1.3.0.1 CP4S uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information...

CVE-2020-4624

CVE-2020-4624 affects IBM Cloud Pak for Security (CP4S) 1.3.0.1, where negotiation uses weaker cryptographic algorithms (e.g., TLS 1.0/1.1 not disabled by default), potentially allowing an attacker to decrypt sensitive information. Remediation: upgrade to CP4S v1.4.0.0 as documented by IBM.

IBM Sterling B2B Integrator 加密问题漏洞

IBM Sterling B2B Integrator is a transaction engine, a set of components that run the processes you define and manage based on your business needs. A weak cryptographic algorithm vulnerability exists in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 - 6.0.3.2. An attacker could exploit this...

Design/Logic Flaw

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

CVE-2020-4778

CVE-2020-4778 affects IBM Cúram Social Program Management, with vulnerable tokens hashed using MD5 in 7.0.9 and 7.0.10. Root cause: MD5 hashing of a token in a single instance, weaker than SHA-256 currently used in the app. Impact described by IBM: CVSS base score 5.9; confidentiality impact high...

CVE-2020-4778

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

Security Bulletin: IBM Security Guardium is affected by a Use of a Broken or Risky Cryptographic Algorithm vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4191 DESCRIPTION: IBM Security Guardium uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 4.1 CV...

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

Design/Logic Flaw

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

CVE-2019-4325

CVE-2019-4325 affects HCL AppScan Enterprise; root cause is the use of broken or risky cryptographic algorithms to store REST API user details. Impact and remediation details are not explicitly provided in the connected documents; refer to the CVE entry for basic score context (MEDIUM) and the ve...

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

IBM Data Risk Manager weak encryption algorithm vulnerability (CNVD-2020-53514)

IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. A weak cryptographic algorithm vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit the vulnerability to decrypt highly sensitive information...

Security Bulletin: Use of a Broken or Risky Cryptographic Algorithm in Resilient App Host (CVE-2020-4637)

Summary Resilient App Host Beta was using weaker than expected Cryptographic Algorithm. Vulnerability Details CVEID: CVE-2020-4637 DESCRIPTION: IBM Resilient uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5...

Security Bulletin: IBM Elastic Storage Server GUI is affected by weak cryptographic algorithm (CVE-2020-4349)

Summary A security vulnerability has been identified in all levels of IBM Elastic Storage Server GUI where weaker than expected cryptographic algorithms are permitted. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4349 DESCRIPTION: IBM Spectrum Scale 5.0.0.0...

Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt

In bcrypt npm package before version 5.0.0, data is truncated wrong when its length is greater than 255 bytes...

CVE-2020-7514

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker access to the authorization credentials for a device and gain full access...

Authorization

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker access to the authorization credentials for a device and gain full access...

CVE-2020-7514

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker access to the authorization credentials for a device and gain full access...