Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-01 | CVE-2018-1608 | Inadequate Encryption Strength vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2019-04-29 | CVE-2018-2007 | Inadequate Encryption Strength vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2019-04-15 | CVE-2018-1925 | Inadequate Encryption Strength vulnerability in IBM Websphere MQ 9.1.0.0/9.1.0.1/9.1.1 IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2019-04-07 | CVE-2019-10907 | Inadequate Encryption Strength vulnerability in Airsonic Project Airsonic 10.2.1 Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. | 9.8 |
| 2019-03-21 | CVE-2017-1713 | Inadequate Encryption Strength vulnerability in IBM Infosphere Streams 4.2.1 IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2019-02-21 | CVE-2018-1946 | Inadequate Encryption Strength vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. | 7.5 |
| 2019-02-21 | CVE-2013-7469 | Inadequate Encryption Strength vulnerability in Seafile Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | 7.5 |
| 2019-02-15 | CVE-2017-1695 | Inadequate Encryption Strength vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2019-02-08 | CVE-2019-7648 | Inadequate Encryption Strength vulnerability in Hotels Server Project Hotels Server 1.0/20181105 controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage. | 7.5 |
| 2019-01-23 | CVE-2018-1751 | Inadequate Encryption Strength vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |