5.5

CVE-2017-1571

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 131853.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version9.7
   LinuxLinux Kernel Version-
IbmDb2 Version10.1
   LinuxLinux Kernel Version-
IbmDb2 Version10.5
   LinuxLinux Kernel Version-
IbmDb2 Version11.1
   LinuxLinux Kernel Version-
IbmDb2 Version9.7
   MicrosoftWindows Version-
IbmDb2 Version10.1
   MicrosoftWindows Version-
IbmDb2 Version10.5
   MicrosoftWindows Version-
IbmDb2 Version11.1
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.055
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
psirt@us.ibm.com 5.1 1.4 3.6
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://www.securityfocus.com/bid/103494
Third Party Advisory
VDB Entry