CVE-2016-5919

EPSS 0.13%
Veröffentlicht 16.02.2017 20:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Security Access Manager For Web 7.0 Firmware

Ibm ≫ Security Access Manager For Web Appliance Version7.0

Ibm ≫ Security Access Manager For Web 8.0 Firmware

Ibm ≫ Security Access Manager For Web Appliance Version8.0

Ibm ≫ Security Access Manager For Mobile

Ibm ≫ Security Access Manager For Mobile Appliance Version8.0

Ibm ≫ Security Access Manager 9.0 Firmware

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.29

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

http://www.ibm.com/support/docview.wss?uid=swg21996868

Patch

Vendor Advisory

http://www.securitytracker.com/id/1037855

https://nvd.nist.gov/vuln/detail/CVE-2016-5919

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-5919

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-5919

EUVD