7.5
CVE-2024-22347
- EPSS 0.03%
- Veröffentlicht 20.01.2025 18:15:13
- Zuletzt bearbeitet 14.08.2025 01:21:30
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Devops Velocity Version5.0.0
Ibm ≫ Urbancode Velocity Version >= 4.0.0 <= 4.0.15
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.09 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.