Vulnerability Description
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 8.5 |
| Hp | Hp-Ux | - |
| Ibm | Aix | - |
| Ibm | I | - |
| Ibm | Z\/Os | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Oracle | Solaris | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/241045VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6857007PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/241045VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6857007PatchVendor Advisory
FAQ
What is CVE-2022-43917?
CVE-2022-43917 is a vulnerability with a CVSS score of 5.9 (MEDIUM). IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the co...
How severe is CVE-2022-43917?
CVE-2022-43917 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-43917?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server, Hp Hp-Ux, Ibm Aix, Ibm I, Ibm Z\/Os.