The decrypt function in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics does not require a key, which makes it easier for remote attackers to obtain cleartext passwords by sniffing the network and then providing a string argument to this function.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2014-07-07T10:00:00
Updated: 2024-08-06T09:27:20.174Z
Reserved: 2014-01-06T00:00:00
Link: CVE-2014-0869
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-07-07T11:01:28.947
Modified: 2018-10-09T19:42:10.563
Link: CVE-2014-0869
Redhat
No data.