CVE-2022-22368: Weak Encryption
First published: Tue Apr 26 2022(Updated: )
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 221012.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Scale | >=5.1.0<=5.1.3.0 | |
| IBM AIX | ||
| Linux Linux kernel | ||
| Microsoft Windows | ||
| <=5.1.0 - 5.1.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2022-22368.
What is the severity of CVE-2022-22368?
The severity of CVE-2022-22368 is high, with a severity value of 7.5.
How does the vulnerability impact IBM Spectrum Scale?
The vulnerability in IBM Spectrum Scale could allow an attacker to decrypt highly sensitive information.
Which versions of IBM Spectrum Scale are affected by this vulnerability?
IBM Spectrum Scale versions 5.1.0 through 5.1.3.0 are affected by this vulnerability.
How can I fix the vulnerability in IBM Spectrum Scale?
To fix the vulnerability in IBM Spectrum Scale, update to a version beyond 5.1.3.0 that uses stronger cryptographic algorithms.
- collector/nvd-index
- agent/references
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm spectrum scale
- version/ibm spectrum scale/5.1.0
- version/ibm spectrum scale/5.1.3.0
- canonical/ibm aix
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows
- version/ibm spectrum scale/5.1.0 - 5.1.3.0