Huawei DBS3900 TDD LTE Weak Encryption Algorithm Vulnerability

DBS3900 TDD LTE is a modular design network equipment product from Huawei, China. The Huawei DBS3900 TDD LTE suffers from a weak encryption algorithm vulnerability, which can be exploited by remote attackers to crack the encrypted data, leading to information leakage...

CVE-2018-1425

IBM Security Guardium Big Data Intelligence SonarG 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139003...

OpenJDK: insufficient strength of key agreement (JCE, 8185292)

It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using...

IBM Tivoli Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2018-01130)

IBM Tivoli Key Lifecycle Manager enables you to locally create, distribute, back up, archive and manage the lifecycle of keys and certificates in your organization. An information disclosure vulnerability exists in IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7. The vulnerability arises becau...

CVE-2017-1598

IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 132611...

Citrix NetScaler Application Delivery Controller and NetScaler Gateway Information Disclosure Vulnerability

Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway formerly known as Citrix Access Gateway Enterprise Edition are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution Application Delivery Controller; NetScaler Gateway is a secure...

CVE-2017-8157

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information...

CVE-2017-8157

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information...

CVE-2017-1375

IBM System Storage Storwize V7000 Unified V7000U 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126868...

Juniper SRX300 Series Trusted Platform Module Firmware Information Disclosure Vulnerability

The Juniper SRX300 Series is a firewall product from Juniper Networks, Inc.The Trusted Platform Module TPM is one of the test platform modules. A security vulnerability exists in the TPM firmware version 4.40 in the Juniper SRX300 Series in the process of generating encryption keys. An attacker...

CVE-2017-9645

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants including RSD31-AM Package, DRM-1/2 and variants including Solar PWR Package, DRM and RDS Based Boundary Monitors, External Transmitters,...

CVE-2017-9645

CVE-2017-9645 affects Mirion Technologies Telemetry Enabled Devices including DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX (and variants), DRM-1/2 (and variants), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater. Description: Inade...

CVE-2017-9645

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants including RSD31-AM Package, DRM-1/2 and variants including Solar PWR Package, DRM and RDS Based Boundary Monitors, External Transmitters,...

IBM Tivoli Endpoint Manager Encryption Algorithm Vulnerability

IBM BigFix Platform is IBM's dynamic multi-technology platform that integrates message content drivers and management systems, of which Tivoli Endpoint Manager is the endpoint control software. A cryptographic algorithm vulnerability exists in Tivoli Endpoint Manager in the IBM BigFix Platform th...

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

OneLogin: Breach Exposed Ability to Decrypt Data

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data. Headquartered in San Francisco, OneLogin provides single sign-on and...

CVE-2017-4896

CVE-2017-4896 affects VMware Airwatch Inbox for Android, where a rooted device may decrypt local app data, enabling potential confidential data disclosure. The vulnerability stems from weaknesses in local data protection within the Airwatch Inbox component. Affected software is Airwatch Inbox for...

CVE-2017-7307

Riverbed RiOS before 9.0.1 is vulnerable to an elevation-of-privilege in which shell access is not properly restricted in single-user mode. An attacker with physical proximity can replace the /opt/tms/bin/cli binary to obtain root privileges and access decrypted data. The CVSS data indicates high...

Apache mod_session_crypto - Padding Oracle Vulnerability

Apache modsessioncrypto versions 2.3 through 2.5 suffer form a padding oracle vulnerability. Padding Oracle in Apache modsessioncrypto During a penetration test, RedTeam Pentesting discovered a Padding Oracle vulnerability in modsessioncrypto of the Apache web server. This vulnerability can be...