CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2018-06-18
Medium
CVE-2018-9028

Updating...
 

 
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.

 
2018-06-11
Medium
CVE-2018-5184

Vendor: Mozilla
Software: Thunderbird
 

 
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

 
2018-05-23
Low
CVE-2017-2598

Vendor: Jenkins
Software: Jenkins
 

 
Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304).

 
2018-05-18
Low
CVE-2017-9635

Vendor: Schneider-electric
Software: Ampla manufa...
 

 
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.

 
2018-05-17
Low
CVE-2018-1466

Vendor: IBM
Software: Spectrum vir...
 

 
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.

 
2018-05-02
Medium
CVE-2017-1255

Vendor: IBM
Software: Security gua...
 

 
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 124675.

 
2018-05-01
Low
CVE-2017-5535

Vendor: Tibco
Software: Datasynapse ...
 

 
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.

 
2018-04-27
Low
CVE-2014-0841

Vendor: IBM
Software: Rational foc...
 

 
IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.

 
2018-04-26
Medium
CVE-2017-17543

Vendor: Fortinet
Software: Forticlient
 

 
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.

 
2018-04-23
Low
CVE-2017-1701

Vendor: IBM
Software: Rational col...
 

 
IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top