A libssh2 could provide weaker than expected security vulnerability affects IBM Identity Security Governance
CVEID: CVE-2016-0787 **
DESCRIPTION:** libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the generation of a reduced amount of random bits for Diffie-Hellman. An attacker could exploit this vulnerability using the truncated Diffie-Hellman secret to launch further attacks on the system.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111562 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
IBM Security Identity Governance and Intelligence 5.2_._1
IBM Security Identity Governance and Intelligence
| 5.2.1| None| 5.2.1.0-ISS-SIGI-IF0001
—|—|—|—
CPE | Name | Operator | Version |
---|---|---|---|
ibm security identity governance and intelligence | eq | 5.2.1 |