Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-02 | CVE-2017-1255 | Inadequate Encryption Strength vulnerability in IBM Security Guardium IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2018-05-01 | CVE-2017-5535 | Inadequate Encryption Strength vulnerability in Tibco Datasynapse Gridserver Manager The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. | 4.3 |
2018-04-27 | CVE-2014-0841 | Inadequate Encryption Strength vulnerability in IBM Rational Focal Point IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. | 2.1 |
2018-04-26 | CVE-2017-17543 | Inadequate Encryption Strength vulnerability in Fortinet Forticlient and Forticlient Sslvpn Client Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms. | 5.0 |
2018-04-23 | CVE-2017-1701 | Inadequate Encryption Strength vulnerability in IBM products IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. | 4.0 |
2018-04-23 | CVE-2017-1473 | Inadequate Encryption Strength vulnerability in IBM products IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2018-04-18 | CVE-2018-7242 | Inadequate Encryption Strength vulnerability in Schneider-Electric products Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |
2018-04-04 | CVE-2017-3971 | Inadequate Encryption Strength vulnerability in Mcafee Network Security Manager Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers. | 6.5 |
2018-03-29 | CVE-2015-4953 | Inadequate Encryption Strength vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt traffic by leveraging a weakness in its encryption protocol. | 5.8 |
2018-03-08 | CVE-2018-4839 | Inadequate Encryption Strength vulnerability in Siemens products A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions), Other SIPROTEC 4 relays (All versions), Other SIPROTEC Compact relays (All versions), SIPROTEC 4 7SD80 (All versions < V4.70), SIPROTEC 4 7SJ61 (All versions < V4.96), SIPROTEC 4 7SJ62 (All versions < V4.96), SIPROTEC 4 7SJ64 (All versions < V4.96), SIPROTEC 4 7SJ66 (All versions < V4.30), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77). | 3.5 |