Vulnerabilities > CVE-2011-1560 - Credentials Management vulnerability in IBM Soliddb

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

ibm

CWE-255

critical

nessus

NVD

Published: 2011-04-05

Updated: 2017-08-17

Summary

solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Soliddb 4.5.167 IBM Soliddb 4.5.168 IBM Soliddb 4.5.169 IBM Soliddb 4.5.173 IBM Soliddb 4.5.175 IBM Soliddb 4.5.176 IBM Soliddb 4.5.178 IBM Soliddb 4.5.179 IBM Soliddb 6.0.1060 IBM Soliddb 6.0.1061 IBM Soliddb 6.0.1064 IBM Soliddb 6.0.1065 IBM Soliddb 6.0.1066 IBM Soliddb 6.1 IBM Soliddb 6.1.18 IBM Soliddb 6.1.20 IBM Soliddb 6.3.33 IBM Soliddb 6.3.37 IBM Soliddb 6.3.38 IBM Soliddb 6.5.0.0 IBM Soliddb 6.5.0.1 IBM Soliddb 6.5.0.2 IBM Soliddb 6.30.0039 IBM Soliddb 6.30.0040 IBM Soliddb 6.30.0044	25

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Nessus

NASL family	Databases
NASL id	SOLIDDB_PASSWD_HASH_LENGTH_CODE_EXEC.NASL
description	According to its build date, the version of IBM solidDB installed on the remote host is affected by an authentication bypass vulnerability because the application allows a remote attacker to specify the length of a password hash. A remote attacker, exploiting this flaw, could bypass authentication to the database.
last seen	2020-06-01
modified	2020-06-02
plugin id	53332
published	2011-04-08
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/53332
title	IBM solidDB Password Hash Length Authentication Bypass

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References