CVE-2024-22361

Summary

IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0, and 21.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 281222.

Affected Software

VendorProductVersion RangeStatus
IBMSemeru Runtime8.0.302.0 <= 8.0.392.0affected
IBMSemeru Runtime11.0.12.0 <= 11.0.21.0affected
IBMSemeru Runtime17.0.1.0 <= 17.0.9.0affected
IBMSemeru Runtime21.0.1.0affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References