7.5
CVE-2024-27255
- EPSS 0.03%
- Veröffentlicht 03.03.2024 12:15:36
- Zuletzt bearbeitet 23.12.2024 17:32:58
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 283905.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Mq Operator SwEdition- Version >= 2.2.0 <= 2.2.2
Ibm ≫ Mq Operator SwEdition- Version >= 2.3.0 <= 2.3.3
Ibm ≫ Mq Operator SwEdition- Version >= 2.4.0 <= 2.4.7
Ibm ≫ Mq Operator Version2.0.0 SwEditionlts
Ibm ≫ Mq Operator Version2.0.18 SwEditionlts
Ibm ≫ Mq Operator Version3.0.0 SwEditioncd
Ibm ≫ Mq Operator Version3.0.1 SwEditioncd
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.069 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.