IBM Security Guardium Insights Weak Cryptographic Algorithm Vulnerability (CNVD-2021-03713)

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Insights 2.0.2. An attacker could exploit the...

CVE-2013-1053

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions...

Default credentials

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions...

CVE-2013-1053

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions...

CVE-2013-1053 Insecure crypto for storing passwords

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions...

CVE-2020-4595

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819...

IBM Security Guardium 加密问题漏洞

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Data Encryption 3.0.0.2. An attacker...

IBM Security Guardium Insights 加密问题漏洞

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A weak cryptographic algorithm vulnerability exists in IBM Security Guardium Insights 2.0.2. An attacker could exploit the...

IBM Emptoris Strategic Supply Management Platform Weak Encryption Algorithm Vulnerability

The IBM Emptoris Strategic Supply Management Platform is the public portal to the Emptoris suite of products. A weak cryptographic algorithm vulnerability exists in IBM Emptoris Strategic Supply Management Platform 10.1.3. An attacker could exploit this vulnerability to decrypt highly sensitive...

Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVE-2020-7339

CVE-2020-7339 affects McAfee Database Security Server and Sensor prior to version 4.8.0. The vulnerability stems from the use of SHA-1 signed certificates, enabling an attacker on the same local network to potentially intercept communication between the Server and Sensors. Publicly available conn...

CVE-2020-7339 Database Security(DBS)-Use of a Broken or Risky Cryptographic Algorithm

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVE-2020-4624

IBM Cloud Pak for Security 1.3.0.1 CP4S uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information...

CVE-2020-4624

CVE-2020-4624 affects IBM Cloud Pak for Security (CP4S) 1.3.0.1, where negotiation uses weaker cryptographic algorithms (e.g., TLS 1.0/1.1 not disabled by default), potentially allowing an attacker to decrypt sensitive information. Remediation: upgrade to CP4S v1.4.0.0 as documented by IBM.

IBM Sterling B2B Integrator 加密问题漏洞

IBM Sterling B2B Integrator is a transaction engine, a set of components that run the processes you define and manage based on your business needs. A weak cryptographic algorithm vulnerability exists in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 - 6.0.3.2. An attacker could exploit this...

Design/Logic Flaw

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

CVE-2020-4778

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156...

CVE-2020-4778

CVE-2020-4778 affects IBM Cúram Social Program Management, with vulnerable tokens hashed using MD5 in 7.0.9 and 7.0.10. Root cause: MD5 hashing of a token in a single instance, weaker than SHA-256 currently used in the app. Impact described by IBM: CVSS base score 5.9; confidentiality impact high...

Security Bulletin: IBM Security Guardium is affected by a Use of a Broken or Risky Cryptographic Algorithm vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4191 DESCRIPTION: IBM Security Guardium uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 4.1 CV...

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...