Description

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018.

Remediation

References

CVE-2018-1814

Related Vulnerabilities

Ruby Improper Input Validation Vulnerability (CVE-2018-8779)

OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0205)

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9634)

WordPress 3.9.x PHP Object Injection (3.9 - 3.9.33)

WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)

Severity

High

Classification

CVE-2018-1814 CWE-326 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities