CVE-2018-1518

Published: Oct 18, 2018Modified: Nov 21, 2024

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

Affected (2)

Products: Ibm: Infosphere Information Server, Infosphere Information Server On Cloud

Ibm

2 products

Infosphere Information Server

Infosphere Information Server On Cloud

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	Version 11.7
Ibm Infosphere Information Server On Cloud	Version 11.7

Related CWEs

CWE-326

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/141682

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=swg22017446

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/141682

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=swg22017446

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.