How severe is CVE-2024-22318?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-22318?

This is classified as CWE-327, which is a common weakness in software security.

CVE-2024-22318

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-327

View all →

Vulnerability Description

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.

CVE-2013-2213

MEDIUM

CVSS:5.5(Medium)

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent atta...

CWE-3272013

CVE-2017-1571

MEDIUM

CVSS:5.5(Medium)

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive ...

CWE-3272017

CVE-2017-1575

MEDIUM

CVSS:5.5(Medium)

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sens...

CWE-3272017

CVE-2018-1428

MEDIUM

CVSS:5.5(Medium)

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X...

CWE-3272018

CVE-2019-18340

MEDIUM

CVSS:5.5(Medium)

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), Control Center Server (CCS) (All versions >= V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNV...

CWE-3272019

CVE-2019-20775

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. Weak encryption leads to local information disclosure. The LG ID is LV...

CWE-3272019

CVE-2024-22318

Vulnerability Description

Related Vulnerabilities

CVE-2013-2213

CVE-2017-1571

CVE-2017-1575

CVE-2018-1428

CVE-2019-18340

CVE-2019-20775