7.5

CVE-2018-1785

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmSpectrum Protect Client Version >= 7.1.0.0 <= 7.1.8.3
IbmSpectrum Protect Client Version >= 8.1.0.0 <= 8.1.4.1
IbmSpectrum Protect For Virtual Environments SwPlatformhyper-v Version >= 7.1.0.0 <= 7.1.8.0
IbmSpectrum Protect For Virtual Environments SwPlatformvmware Version >= 7.1.0.0 <= 7.1.8.2
IbmSpectrum Protect For Virtual Environments SwPlatformhyper-v Version >= 8.1.0.0 <= 8.1.4.0
IbmSpectrum Protect For Virtual Environments SwPlatformvmware Version >= 8.1.0.0 <= 8.1.4.1
IbmSpectrum Protect Client Version >= 8.1.0.0 <= 8.1.4.2
   ApplemacOS Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.13% 0.621
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
psirt@us.ibm.com 3.7 2.2 1.4
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

http://www.ibm.com/support/docview.wss?uid=ibm10729873
Vendor Advisory
http://www.securitytracker.com/id/1041716
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/148870
Vendor Advisory
VDB Entry