CVE-2020-1810

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information...

CVE-2020-1810

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information...

CVE-2020-1810

There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information...

CVE-2020-1810

CVE-2020-1810 describes a weak RSA algorithm vulnerability in the SSL key exchange used by Huawei products. Affected Huawei devices include CloudEngine 12800, S5700, and S6700 series, with the underlying issue being the use of a weak RSA in the TLS/SSL handshake that can allow information leakage...

CVE-2019-19397

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...

CVE-2019-19397

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...

CVE-2019-19397

CVE-2019-19397 concerns Huawei VRP platforms where a weak cryptographic algorithm is enabled by default, exposing potential information leaks. Root cause: default use of weak algorithms in affected Huawei products. CVSS metrics indicate network exposure with high confidentiality impact (C/H) and ...

CVE-2019-19397

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...

Security Advisory - Weak Algorithm Vulnerability in Some Huawei Products

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. Vulnerability ID: HWPSIRT-2019-02008 This vulnerability has been assigned a Common Vulnerabilities and Exposur...

CVE-2019-10755

The CVE-2019-10755 entry concerns pac4j-saml and the 3.X release line. The issue is that the SAML identifier generated in SAML2Utils.java uses Apache Commons Lang3 RandomStringUtils, whose PRNG is not cryptographically strong, leading to predictable randomness for SAML identifiers. This weakness ...

Inadequate Encryption Strength in DotNetNuke

DNN aka DotNetNuke 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters...

Security feature bypass

Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients...

CVE-2017-17174

Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients...

CVE-2017-17174

Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients...

CVE-2017-17174

The CVE-2017-17174 entry corresponds to a weak algorithm vulnerability in multiple Huawei products (eSpace U1981, RSE6500, SoftCo, VP9660, etc.). An attacker who can observe TLS traffic between clients and affected devices could perform a Bleichenbacher attack on RSA key exchange to decrypt the s...

Security Advisory - Weak Algorithm Vulnerability in Some Huawei Products

There is a weak algorithm vulnerability in some Huawei products. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key...

Security Bulletin: Selection of Less-Secure Algorithm During Negotiation vulnerability affects IBM Security Guardium (CVE-2017-1271)

Summary IBM Security Guardium supports interaction between multiple actors but does not select the strongest algorithm that is available to both parties. IBM Security Guardium has provided a fix for this vulnerability. Vulnerability Details CVEID: CVE-2017-1271 DESCRIPTION: IBM Security Guardium...

Lenovo Fingerprint Manager Pro for Windows 7, 8, and 8.1 only (not 10) Insecure Credential Storage - Lenovo Support NL

No description provided...

CVE-2018-6619

Easy Hosting Control Panel EHCP v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt...

CVE-2014-0841

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704...