Vulnerabilities (CVE)

CWE filter

CWE-326

Filter

90 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1338 1 Microsoft 2 Windows 7, Windows Server 2008 2019-10-15 4.3
A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass...
CVE-2019-4175 1 Ibm 1 Cognos Controller 2019-10-09 5.0
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880.
CVE-2019-4151 1 Ibm 1 Security Access Manager 2019-10-09 4.3
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512.
CVE-2019-3907 1 Identicard 1 Premisys Id 2019-10-09 5.0
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-12665 1 Cisco 1 Ios 2019-10-09 5.8
A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port...
CVE-2019-0030 2019-10-09 4.0
Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
CVE-2018-5461 1 Belden 134 Hirschmann M1-8mm-sc, Hirschmann M1-8sfp, Hirschmann M1-8sm-sc and 131 more 2019-10-09 5.8
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been...
CVE-2018-2007 1 Ibm 1 Api Connect 2019-10-09 5.0
IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 155078.
CVE-2018-1946 2019-10-09 5.0
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption...
CVE-2018-1925 1 Ibm 1 Websphere Mq 2019-10-09 4.3
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 152925.
CVE-2018-1814 1 Ibm 1 Security Access Manager 2019-10-09 5.0
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018.
CVE-2018-1785 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Virtual Environments 2019-10-09 5.0
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
CVE-2018-1751 1 Ibm 1 Security Key Lifecycle Manager 2019-10-09 5.0
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512.
CVE-2018-1665 1 Ibm 1 Datapower Gateway 2019-10-09 5.0
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt...
CVE-2018-1593 2019-10-09 5.0
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.
CVE-2018-1545 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Virtual Environments 2019-10-09 5.0
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.
CVE-2018-19001 1 Philips 1 Healthsuite Health 2019-10-09 4.6
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is not strong enough for the level of protection required.
CVE-2018-0131 1 Cisco 2 Ios, Ios Xe 2019-10-09 4.3
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session....
CVE-2017-7905 1 Ge 10 Multilin Sr 489 Generator Protection Relay Firmware, Multilin Urplus C90 Firmware, Multilin Urplus D90 Firmware and 7 more 2019-10-09 5.0
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469...
CVE-2017-5535 1 Tibco 1 Datasynapse Gridserver Manager 2019-10-09 4.3
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers....