CVE-2017-1504
IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. IBM X-Force ID: 129579.
Published at
2017-08-03T15:29Z
2481 days ago
Modified
2019-10-03T00:03Z
1691 days ago
NVD-CWE-noinfo
Problem type
Impact
- CVSS v3 vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Severity Score Vector
6.5CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NReferences
URL | Type |
---|---|
exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/129579 | MISC |
www.ibm.com http://www.ibm.com/support/docview.wss?uid=swg22006803 | CONFIRM |
100137 http://www.securityfocus.com/bid/100137 | BID |
GET https://vulnerabilitydata.com/api/details/CVE-2017-1504
{ "id": "CVE-2017-1504", "published_date": "2017-08-03T15:29Z", "last_modified_date": "2019-10-03T00:03Z", "assigner": "psirt@us.ibm.com", "description": "IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. IBM X-Force ID: 129579.", "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129579", "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129579", "refsource": "MISC", "tags": [ "VDB Entry", "Vendor Advisory" ] }, { "url": "http://www.ibm.com/support/docview.wss?uid=swg22006803", "name": "http://www.ibm.com/support/docview.wss?uid=swg22006803", "refsource": "CONFIRM", "tags": [ "Permissions Required", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/bid/100137", "name": "100137", "refsource": "BID", "tags": [] } ], "impact": { "baseMetricV3": { "cvssV3": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, "baseMetricV2": { "cvssV2": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4 }, "severity": "MEDIUM", "exploitabilityScore": 8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } }, "problem_type": "NVD-CWE-noinfo" }