Description
IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input. IBM X-Force ID: 124743.
CVSS breakdown
CVSS 3.0
Availability
None
Attack Complexity
High
Attack Vector
Local
Confidentiality
High
Integrity
None
Privileges Required
None
Scope
Changed
User Interaction
None
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / security_guardium10 – 10
- ibm / security_guardium10.5 – 10.5