7.5
CVE-2024-37068
- EPSS 0.07%
- Veröffentlicht 07.09.2024 14:15:02
- Zuletzt bearbeitet 21.09.2024 10:15:05
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Maximo Application Suite information disclosure
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Maximo Application Suite Version8.10
Ibm ≫ Maximo Application Suite Version8.11
Ibm ≫ Maximo Application Suite Version9.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.212 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.