Weak AES Password Encryption in IBM WebSphere Application Server version 9.0.0.4

Weak AES Password Encryption in IBM WebSphere Application Server version 9.0.0.4

CVE-2017-1504 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. IBM X-Force ID: 129579.

Learn more about our Cis Benchmark Audit For Ibm Websphere.