CVE-2017-1366 MEDIUM

CVE-2017-1366

Vendor Ibm
Product Security Identity Governance and Intelligence
Published August 6, 2018
Last update September 17, 2024

CVSS base score

5.9/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/A:N/AC:H/AV:N/C:H/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O

What the vulnerability does

01Description

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859.

Key dates

02Disclosure timeline

August 6, 2018 CVE published
September 17, 2024 Record updated