Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-1665
Analyzed
More InfoOfficial Page
Source-psirt@us.ibm.com
View Known Exploited Vulnerability (KEV) details
Published At-04 Jan, 2018 | 17:29
Updated At-29 Apr, 2019 | 17:15

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 133559.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.9MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
CPE Matches
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.0
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.1
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.2
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.3
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.4
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.5
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.6
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.6:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.7
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.7:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.5.0.8
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.8:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.6.0
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.6.0.1
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.6.0.2
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.6.0.3
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.7.0
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.7.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.7.0.1
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.7.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>security_key_lifecycle_manager>>2.7.0.2
cpe:2.3:a:ibm:security_key_lifecycle_manager:2.7.0.2:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-326Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.ibm.com/support/docview.wss?uid=swg22012023psirt@us.ibm.com
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/133559psirt@us.ibm.com
VDB Entry
Vendor Advisory
https://www.debian.org/security/2018/dsa-4262psirt@us.ibm.com
Third Party Advisory
Change History
0Changes found
Details not found