CVE-2021-39082Use of a Broken or Risky Cryptographic Algorithm in IBM Urbancode Deploy

CWE-327Use of a Broken or Risky Cryptographic Algorithm3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 66.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Urbancode Deploy
Timeline
PublishedApr 29
Latest updateApr 30

Description

IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/urbancode_deploy20 versions+19
NVDibm/urbancode_deploy21 versions+20

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-9qj7-66wc-7r4j: IBM UrbanCode Deploy (UCD) 72022-04-30
CVEList
CVE-2021-39082: IBM UrbanCode Deploy (UCD) 72022-04-29
CVE-2021-39082 — IBM Urbancode Deploy vulnerability | cvebase