Description

IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.

Related CPE's

a

ibm

websphere_application_server

2

o

hp

hp-ux

-

o

ibm

aix

-

o

ibm

i

-

o

ibm

z\/os

-

o

linux

linux_kernel

-

o

microsoft

windows

-

o

oracle

solaris

-

*

*

*

*

*

-

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/241045

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6857007

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/241045

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6857007

PatchVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-327

[email protected]

Primary
CWE-327

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.9 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-26T20:17:49.503Z

2 years ago

Last modified

2024-11-21T06:27:21.630Z

1 year ago