Vulnerabilities (CVE)

CWE filter

CWE-326

Filter

114 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1338 1 Microsoft 2 Windows 7, Windows Server 2008 2019-10-15 4.3
A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass...
CVE-2019-4175 1 Ibm 1 Cognos Controller 2019-10-09 5.0
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880.
CVE-2019-4151 1 Ibm 1 Security Access Manager 2019-10-09 4.3
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512.
CVE-2019-3907 1 Identicard 1 Premisys Id 2019-10-09 5.0
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-12665 1 Cisco 1 Ios 2019-10-09 5.8
A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port...
CVE-2019-0030 2019-10-09 4.0
Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
CVE-2018-5461 1 Belden 134 Hirschmann M1-8mm-sc, Hirschmann M1-8sfp, Hirschmann M1-8sm-sc and 131 more 2019-10-09 5.8
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been...
CVE-2018-2007 1 Ibm 1 Api Connect 2019-10-09 5.0
IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 155078.
CVE-2018-1946 2019-10-09 5.0
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption...
CVE-2018-1925 1 Ibm 1 Websphere Mq 2019-10-09 4.3
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 152925.
CVE-2018-1814 1 Ibm 1 Security Access Manager 2019-10-09 5.0
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018.
CVE-2018-1785 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Virtual Environments 2019-10-09 5.0
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
CVE-2018-1751 1 Ibm 1 Security Key Lifecycle Manager 2019-10-09 5.0
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512.
CVE-2018-1665 1 Ibm 1 Datapower Gateway 2019-10-09 5.0
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt...
CVE-2018-1593 2019-10-09 5.0
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.
CVE-2018-1545 1 Ibm 2 Spectrum Protect Client, Spectrum Protect For Virtual Environments 2019-10-09 5.0
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.
CVE-2018-1518 1 Ibm 2 Infosphere Information Server, Infosphere Information Server On Cloud 2019-10-09 2.1
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.
CVE-2018-19001 1 Philips 1 Healthsuite Health 2019-10-09 4.6
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is not strong enough for the level of protection required.
CVE-2018-0448 2019-10-09 7.5
A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The...
CVE-2018-0131 1 Cisco 2 Ios, Ios Xe 2019-10-09 4.3
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session....