How severe is CVE-2018-1608?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Ibm Rational Engineering Lifecycle Manager

CVE-2018-1608

IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 143798.

EPSS: 0.001 (32.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/AV:N/A:N/C:H/UI:N/S:U/PR:N/I:N/AC:H/RL:O/RC:C/E:U.

Affected products

Ibm Rational Engineering Lifecycle Manager — versions 6.0.2, 6.0.6, 6.0.4

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-relm-cve20181608-info-disc (143798) (vdb-entry, x_refsource_XF)
108290 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-1608?: CVE-2018-1608 is a medium-severity vulnerability in Ibm Rational Engineering Lifecycle Manager. CVSS score: 5.9/10. Published 2019-05-01.
How severe is CVE-2018-1608?: Medium severity. CVSS v3 base score is 5.9 out of 10.