What is the severity of CVE-2017-1665?

CVE-2017-1665 is considered to have a medium severity due to the potential for unauthorized decryption of sensitive information.

How do I fix CVE-2017-1665?

To fix CVE-2017-1665, upgrade IBM Tivoli Key Lifecycle Manager to a version that utilizes stronger cryptographic algorithms.

What systems are affected by CVE-2017-1665?

CVE-2017-1665 affects IBM Tivoli Key Lifecycle Manager versions 2.5, 2.6, and 2.7.

What impact can CVE-2017-1665 have on my organization?

CVE-2017-1665 can allow attackers to decrypt sensitive information, potentially leading to data breaches.

Is CVE-2017-1665 being actively exploited?

As of now, there have been no public reports indicating active exploitation of CVE-2017-1665.

Vulnerability/
CVE-2017-1665

medium

5.9

CWE

326

3/1/2018

5/8/2024

CVE-2017-1665: Weak Encryption

First published: Wed Jan 03 2018(Updated: )

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 133559.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security Guardium Key Lifecycle Manager	=2.5.0
IBM Security Guardium Key Lifecycle Manager	=2.5.0.0
IBM Security Guardium Key Lifecycle Manager	=2.5.0.1
IBM Security Guardium Key Lifecycle Manager	=2.5.0.2
IBM Security Guardium Key Lifecycle Manager	=2.5.0.3
IBM Security Guardium Key Lifecycle Manager	=2.5.0.4
IBM Security Guardium Key Lifecycle Manager	=2.5.0.5
IBM Security Guardium Key Lifecycle Manager	=2.5.0.6
IBM Security Guardium Key Lifecycle Manager	=2.5.0.7
IBM Security Guardium Key Lifecycle Manager	=2.5.0.8
IBM Security Guardium Key Lifecycle Manager	=2.6.0
IBM Security Guardium Key Lifecycle Manager	=2.6.0.1
IBM Security Guardium Key Lifecycle Manager	=2.6.0.2
IBM Security Guardium Key Lifecycle Manager	=2.6.0.3
IBM Security Guardium Key Lifecycle Manager	=2.7.0
IBM Security Guardium Key Lifecycle Manager	=2.7.0.1
IBM Security Guardium Key Lifecycle Manager	=2.7.0.2
Debian Linux	=9.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1665?
CVE-2017-1665 is considered to have a medium severity due to the potential for unauthorized decryption of sensitive information.
How do I fix CVE-2017-1665?
To fix CVE-2017-1665, upgrade IBM Tivoli Key Lifecycle Manager to a version that utilizes stronger cryptographic algorithms.
What systems are affected by CVE-2017-1665?
CVE-2017-1665 affects IBM Tivoli Key Lifecycle Manager versions 2.5, 2.6, and 2.7.
What impact can CVE-2017-1665 have on my organization?
CVE-2017-1665 can allow attackers to decrypt sensitive information, potentially leading to data breaches.
Is CVE-2017-1665 being actively exploited?
As of now, there have been no public reports indicating active exploitation of CVE-2017-1665.

collector/security-tracker-debian
agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/event
agent/description
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm security guardium key lifecycle manager
version/ibm security guardium key lifecycle manager/2.5.0
version/ibm security guardium key lifecycle manager/2.5.0.0
version/ibm security guardium key lifecycle manager/2.5.0.1
version/ibm security guardium key lifecycle manager/2.5.0.2
version/ibm security guardium key lifecycle manager/2.5.0.3
version/ibm security guardium key lifecycle manager/2.5.0.4
version/ibm security guardium key lifecycle manager/2.5.0.5
version/ibm security guardium key lifecycle manager/2.5.0.6
version/ibm security guardium key lifecycle manager/2.5.0.7
version/ibm security guardium key lifecycle manager/2.5.0.8
version/ibm security guardium key lifecycle manager/2.6.0
version/ibm security guardium key lifecycle manager/2.6.0.1
version/ibm security guardium key lifecycle manager/2.6.0.2
version/ibm security guardium key lifecycle manager/2.6.0.3
version/ibm security guardium key lifecycle manager/2.7.0
version/ibm security guardium key lifecycle manager/2.7.0.1
version/ibm security guardium key lifecycle manager/2.7.0.2
vendor/debian
canonical/debian linux
version/debian linux/9.0