First published: Wed Oct 06 2021(Updated: )
IBM Cloud Pak - Risk Manager/IBM Data Risk Manager (iDNA) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Data Risk Manager | =2.0.6 | |
<=2.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-38862.
The severity of CVE-2021-38862 is high, with a severity value of 7.5.
The affected software for CVE-2021-38862 is IBM Data Risk Manager (iDNA) 2.0.6.
An attacker can exploit CVE-2021-38862 by using weaker than expected cryptographic algorithms to decrypt highly sensitive information.
You can fix CVE-2021-38862 by applying the patch provided by IBM. Please refer to the IBM support page for instructions on how to obtain and apply the patch.