CVE-2024-37068

IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:maximo_application_suite:8.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_application_suite:8.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_application_suite:9.0:*:*:*:*:*:*:*

History

21 Sep 2024, 10:15

Type Values Removed Values Added
Summary (en) IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. (en) IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques.

13 Sep 2024, 21:04

Type Values Removed Values Added
First Time Ibm
Ibm maximo Application Suite
CVSS v2 : unknown
v3 : 5.9
v2 : unknown
v3 : 7.5
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/292799 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/292799 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7167725 - () https://www.ibm.com/support/pages/node/7167725 - Vendor Advisory
CPE cpe:2.3:a:ibm:maximo_application_suite:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_application_suite:8.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:maximo_application_suite:8.11:*:*:*:*:*:*:*

09 Sep 2024, 13:03

Type Values Removed Values Added
Summary
  • (es) IBM Maximo Application Suite - Manage Component 8.10, 8.11 y 9.0 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial.

07 Sep 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-07 14:15

Updated : 2024-09-21 10:15


NVD link : CVE-2024-37068

Mitre link : CVE-2024-37068

CVE.ORG link : CVE-2024-37068


JSON object : View

Products Affected

ibm

  • maximo_application_suite
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm