Vulnerability Description
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager For Web Firmware | 8.0.0 |
| Ibm | Security Access Manager For Web Appliance | - |
| Ibm | Security Access Manager For Mobile | 8.0.0 |
| Ibm | Security Access Manager For Mobile Appliance | - |
| Ibm | Security Access Manager Firmware | 9.0.0 |
| Ibm | Security Access Manager Appliance | - |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg22012268Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128605VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22012268Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128605VDB EntryVendor Advisory
FAQ
What is CVE-2017-1473?
CVE-2017-1473 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive inform...
How severe is CVE-2017-1473?
CVE-2017-1473 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1473?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager For Web Firmware, Ibm Security Access Manager For Web Appliance, Ibm Security Access Manager For Mobile, Ibm Security Access Manager For Mobile Appliance, Ibm Security Access Manager Firmware.