Weak Algorithm Negotiation in IBM Security Identity Governance and Intelligence Virtual Appliance

Weak Algorithm Negotiation in IBM Security Identity Governance and Intelligence Virtual Appliance

CVE-2018-1946 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 153388.

Learn more about our Web Application Penetration Testing UK.