CVE-2022-22462

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-327
View all →

Vulnerability Description

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.

Related Vulnerabilities

CVE-2002-2058

HIGH
CVSS:7.5(High)

TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash...

CWE-3272002

CVE-2005-2946

HIGH
CVSS:7.5(High)

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certif...

CWE-3272005

CVE-2007-4150

HIGH
CVSS:7.5(High)

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote attackers to obtain sensitive information ...

CWE-3272007

CVE-2008-3188

HIGH
CVSS:7.5(High)

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.

CWE-3272008

CVE-2012-5623

HIGH
CVSS:7.5(High)

Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.

CWE-3272012

CVE-2015-0226

HIGH
CVSS:7.5(High)

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to...

CWE-3272015