Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2023-38371
CVE-2023-38371:
IBM Security Access Manager (ISAM) vulnerability analysis and mitigation
Overview
IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 contains a vulnerability related to the use of weak cryptographic algorithms. The vulnerability was assigned CVE-2023-38371 and was disclosed on June 27, 2024. This security flaw affects the IBM Security Access Manager Docker container implementations (IBM NVD, CVE Mitre).
Technical details
The vulnerability stems from the implementation of cryptographic algorithms that are weaker than expected security standards. The severity of this vulnerability has been assessed with a CVSS v3.1 Base Score of 7.5 (HIGH) according to NVD, while IBM Corporation rated it with a Base Score of 5.9 (MEDIUM). The vulnerability has been classified under CWE-327 (Use of a Broken or Risky Cryptographic Algorithm) (IBM NVD).
Impact
If exploited, this vulnerability could allow an attacker to decrypt highly sensitive information that was protected by these weak cryptographic algorithms. The vulnerability primarily affects the confidentiality of the system, with no direct impact on integrity or availability (IBM NVD).
Additional resources
Source: This report was generated using AI
Related IBM Security Access Manager (ISAM) vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management