What is the severity of CVE-2017-1664?

CVE-2017-1664 has been categorized as a medium severity vulnerability due to its potential impact on the confidentiality of sensitive information.

How do I fix CVE-2017-1664?

To fix CVE-2017-1664, upgrade your IBM Tivoli Key Lifecycle Manager to the latest version that addresses the use of weak cryptographic algorithms.

What versions of IBM Tivoli Key Lifecycle Manager are affected by CVE-2017-1664?

CVE-2017-1664 affects IBM Tivoli Key Lifecycle Manager versions 2.5, 2.6, and 2.7.

What is the impact of CVE-2017-1664 on sensitive information?

CVE-2017-1664 could allow attackers to decrypt highly sensitive information due to the use of weaker than expected cryptographic algorithms.

Is there a patch available for CVE-2017-1664?

Yes, IBM has released updates for affected versions that mitigate the vulnerabilities described in CVE-2017-1664.

Vulnerability/
CVE-2017-1664

medium

5.9

CWE

326

4/1/2018

16/9/2024

CVE-2017-1664: Weak Encryption

First published: Thu Jan 04 2018(Updated: )

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 133557.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security Guardium Key Lifecycle Manager	=2.5.0
IBM Security Guardium Key Lifecycle Manager	=2.5.0.0
IBM Security Guardium Key Lifecycle Manager	=2.5.0.1
IBM Security Guardium Key Lifecycle Manager	=2.5.0.2
IBM Security Guardium Key Lifecycle Manager	=2.5.0.3
IBM Security Guardium Key Lifecycle Manager	=2.5.0.4
IBM Security Guardium Key Lifecycle Manager	=2.5.0.5
IBM Security Guardium Key Lifecycle Manager	=2.5.0.6
IBM Security Guardium Key Lifecycle Manager	=2.5.0.7
IBM Security Guardium Key Lifecycle Manager	=2.5.0.8
IBM Security Guardium Key Lifecycle Manager	=2.6.0
IBM Security Guardium Key Lifecycle Manager	=2.6.0.1
IBM Security Guardium Key Lifecycle Manager	=2.6.0.2
IBM Security Guardium Key Lifecycle Manager	=2.6.0.3
IBM Security Guardium Key Lifecycle Manager	=2.7.0
IBM Security Guardium Key Lifecycle Manager	=2.7.0.1
IBM Security Guardium Key Lifecycle Manager	=2.7.0.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1664?
CVE-2017-1664 has been categorized as a medium severity vulnerability due to its potential impact on the confidentiality of sensitive information.
How do I fix CVE-2017-1664?
To fix CVE-2017-1664, upgrade your IBM Tivoli Key Lifecycle Manager to the latest version that addresses the use of weak cryptographic algorithms.
What versions of IBM Tivoli Key Lifecycle Manager are affected by CVE-2017-1664?
CVE-2017-1664 affects IBM Tivoli Key Lifecycle Manager versions 2.5, 2.6, and 2.7.
What is the impact of CVE-2017-1664 on sensitive information?
CVE-2017-1664 could allow attackers to decrypt highly sensitive information due to the use of weaker than expected cryptographic algorithms.
Is there a patch available for CVE-2017-1664?
Yes, IBM has released updates for affected versions that mitigate the vulnerabilities described in CVE-2017-1664.

agent/type
agent/references
agent/weakness
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm security guardium key lifecycle manager
version/ibm security guardium key lifecycle manager/2.5.0
version/ibm security guardium key lifecycle manager/2.5.0.0
version/ibm security guardium key lifecycle manager/2.5.0.1
version/ibm security guardium key lifecycle manager/2.5.0.2
version/ibm security guardium key lifecycle manager/2.5.0.3
version/ibm security guardium key lifecycle manager/2.5.0.4
version/ibm security guardium key lifecycle manager/2.5.0.5
version/ibm security guardium key lifecycle manager/2.5.0.6
version/ibm security guardium key lifecycle manager/2.5.0.7
version/ibm security guardium key lifecycle manager/2.5.0.8
version/ibm security guardium key lifecycle manager/2.6.0
version/ibm security guardium key lifecycle manager/2.6.0.1
version/ibm security guardium key lifecycle manager/2.6.0.2
version/ibm security guardium key lifecycle manager/2.6.0.3
version/ibm security guardium key lifecycle manager/2.7.0
version/ibm security guardium key lifecycle manager/2.7.0.1
version/ibm security guardium key lifecycle manager/2.7.0.2