7.5

CVE-2017-1271

IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 124746.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmSecurity Guardium Version9.0
IbmSecurity Guardium Version9.1
IbmSecurity Guardium Version9.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.84% 0.531
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

http://www.ibm.com/support/docview.wss?uid=swg22010435
Vendor Advisory
Issue Tracking
http://www.securityfocus.com/bid/102034
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039961
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/124746
Vendor Advisory
VDB Entry
Issue Tracking