CVE-2022-22327Use of a Broken or Risky Cryptographic Algorithm in IBM Urbancode Deploy

CWE-327Use of a Broken or Risky Cryptographic Algorithm3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 73.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Urbancode Deploy
Timeline
PublishedApr 1
Latest updateApr 2

Description

IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 218859.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDibm/urbancode_deploy7.0.5.37.0.5.9+1
CVEListV5ibm/urbancode_deploy4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-9gfp-cmrg-hp24: IBM UrbanCode Deploy (UCD) 72022-04-02
CVEList
CVE-2022-22327: IBM UrbanCode Deploy (UCD) 72022-04-01