CVE-2021-20369

Published: Jul 13, 2021Modified: Nov 21, 2024

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.

Affected (1)

Products: Ibm: Cloud Pak For Applications

Ibm

1 product

Cloud Pak For Applications

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Cloud Pak For Applications	Before 4.3.1

Related CWEs

CWE-326

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/195361

Source: psirt@us.ibm.com

VDB Entry

https://www.ibm.com/support/pages/node/6471331

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/195361

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://www.ibm.com/support/pages/node/6471331

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.