Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-1680

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 145236.

Published

2019-04-02T14:29:00.810

Last Modified

2024-11-21T04:00:11.693

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-521
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ibm security_privileged_identity_manager 2.1.1 Yes
References