CVE-2022-43917
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | WebSphere Application Server | 8.5, 9.0 | affected |
Weaknesses
- CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6857007
- https://exchange.xforce.ibmcloud.com/vulnerabilities/241045
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/6857007
- https://exchange.xforce.ibmcloud.com/vulnerabilities/241045
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.