← Back

CVE-2018-1428

nvd nist
Published: Mar 22, 2018Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073.

Affected (4)

Products: Ibm: Db2
Ibm
1 product
Db2
Configuration A
1 platform
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration B
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ibm
Db2
Version 10.1
Db2
Version 10.5
Db2
Version 11.1
Db2
Version 9.7
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-327
Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.

References (8)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
Third Party AdvisoryVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB EntryVendor Advisory

Timeline

No history available yet.