CVE-2017-5186

CWE-327Broken Cryptographic Algorithm3 documents3 sources
Severity
7.5HIGH
EPSS
0.5%
top 35.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Novell EdirectoryNovell ImanagerNetiq Novell Imanager AND Edirectory+2 more
Timeline
PublishedApr 27
Latest updateMay 13

Description

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

CVEListV5netiq/novell_imanager_and_edirectoryNetIQ/Novell iManager and eDirectory
NVDnetiq/imanager3.0, 3.0.1, 3.0.2+2
NVDnetiq/edirectory9.0, 9.0.1, 9.0.2+2

🔴Vulnerability Details

2
GHSA
GHSA-v5pw-67rf-j965: Novell iManager 22022-05-13
CVEList
CVE-2017-5186: Novell iManager 22017-04-27
CVE-2017-5186 (HIGH CVSS 7.5) | Novell iManager 2.7 before SP7 Patc | cvebase.io