Weak Algorithm Negotiation in IBM Security Guardium 9.0, 9.1, and 9.5

Weak Algorithm Negotiation in IBM Security Guardium 9.0, 9.1, and 9.5

CVE-2017-1271 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 124746.

Learn more about our Web Application Penetration Testing UK.