CVE-2020-4778

Summary

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156.

Affected Software

VendorProductVersion RangeStatus
IBMCuram SPM7.0.9affected
IBMCuram SPM7.0.10affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References