CVE-2013-5461
First published: Fri Apr 27 2018(Updated: )
IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Endpoint Manager for Remote Control | =9.0.0 | |
| IBM Endpoint Manager for Remote Control | =9.0.1 | |
| IBM Tivoli Remote Control | =5.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88309
- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-insecure-storage-of-passwords-in-ibm-endpoint-manager-for-remote-control-cve-2013-5461/
- https://www.ibm.com/blogs/psirt/ibm-security-bulletin-insecure-storage-of-passwords-in-tivoli-remote-control-cve-2013-5461/
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/weakness
- agent/event
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm endpoint manager for remote control
- version/ibm endpoint manager for remote control/9.0.0
- version/ibm endpoint manager for remote control/9.0.1
- canonical/ibm tivoli remote control
- version/ibm tivoli remote control/5.1.2