What is the severity of CVE-2017-5186?

CVE-2017-5186 has a medium severity level due to the usage of the deprecated MD5 hashing algorithm in communications certificates.

How do I fix CVE-2017-5186?

To fix CVE-2017-5186, upgrade to the latest versions of Novell iManager or eDirectory that are patched against this vulnerability.

Which software versions are affected by CVE-2017-5186?

CVE-2017-5186 affects Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, and various versions of Novell and NetIQ eDirectory.

What consequences can arise from CVE-2017-5186?

Using the deprecated MD5 hashing algorithm in CVE-2017-5186 exposes data to potential tampering and impacts the integrity of secure communications.

Is there a workaround for CVE-2017-5186?

There are no documented workarounds for CVE-2017-5186; upgrading to a secure version is the recommended course of action.

Vulnerability/
CVE-2017-5186

high

7.5

CWE

327

27/4/2017

5/8/2024

CVE-2017-5186

First published: Thu Apr 27 2017(Updated: )

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

Credit: meissner@suse.de

Affected Software	Affected Version	How to fix
Micro Focus NetIQ eDirectory	=9.0
Micro Focus NetIQ eDirectory	=9.0.1
Micro Focus NetIQ eDirectory	=9.0.2
NetIQ iManager	=3.0
NetIQ iManager	=3.0.1
NetIQ iManager	=3.0.2
Novell eDirectory	<=8.8
NetIQ iManager	<=2.7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5186?
CVE-2017-5186 has a medium severity level due to the usage of the deprecated MD5 hashing algorithm in communications certificates.
How do I fix CVE-2017-5186?
To fix CVE-2017-5186, upgrade to the latest versions of Novell iManager or eDirectory that are patched against this vulnerability.
Which software versions are affected by CVE-2017-5186?
CVE-2017-5186 affects Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, and various versions of Novell and NetIQ eDirectory.
What consequences can arise from CVE-2017-5186?
Using the deprecated MD5 hashing algorithm in CVE-2017-5186 exposes data to potential tampering and impacts the integrity of secure communications.
Is there a workaround for CVE-2017-5186?
There are no documented workarounds for CVE-2017-5186; upgrading to a secure version is the recommended course of action.

agent/type
agent/severity
agent/weakness
agent/references
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/netiq
canonical/micro focus netiq edirectory
version/micro focus netiq edirectory/9.0
version/micro focus netiq edirectory/9.0.1
version/micro focus netiq edirectory/9.0.2
canonical/netiq imanager
version/netiq imanager/3.0
version/netiq imanager/3.0.1
version/netiq imanager/3.0.2
vendor/novell
canonical/novell edirectory
version/novell edirectory/8.8
version/netiq imanager/2.7

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.