CVE-2022-35720

IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:sterling_external_authentication_server:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_secure_proxy:6.0.3:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

18 Feb 2023, 21:04

Type Values Removed Values Added
New CVE

Information

Published : 2023-02-08 19:15

Updated : 2024-02-04 23:14


NVD link : CVE-2022-35720

Mitre link : CVE-2022-35720

CVE.ORG link : CVE-2022-35720


JSON object : View

Products Affected

microsoft

  • windows

ibm

  • linux_on_ibm_z
  • sterling_secure_proxy
  • sterling_external_authentication_server
  • aix

linux

  • linux_kernel
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm