CVE-2022-43922

MEDIUM Year: 2022
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-326
View all →

Vulnerability Description

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

Related Vulnerabilities

CVE-2015-5361

MEDIUM
CVSS:6.5(Medium)

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific...

CWE-3262015

CVE-2016-3019

MEDIUM
CVSS:6.5(Medium)

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.

CWE-3262016

CVE-2017-3971

MEDIUM
CVSS:6.5(Medium)

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyph...

CWE-3262017

CVE-2017-9645

MEDIUM
CVSS:6.5(Medium)

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 an...

CWE-3262017

CVE-2018-5461

MEDIUM
CVSS:6.5(Medium)

An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vuln...

CWE-3262018

CVE-2019-10638

MEDIUM
CVSS:6.5(Medium)

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to mul...

CWE-3262019