CVE Vulnerabilities

CVE-2011-1560

Published: Apr 05, 2011 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.

Affected Software

Name Vendor Start Version End Version
Soliddb Ibm * 4.5.180 (including)
Soliddb Ibm 4.5.167 (including) 4.5.167 (including)
Soliddb Ibm 4.5.168 (including) 4.5.168 (including)
Soliddb Ibm 4.5.169 (including) 4.5.169 (including)
Soliddb Ibm 4.5.173 (including) 4.5.173 (including)
Soliddb Ibm 4.5.175 (including) 4.5.175 (including)
Soliddb Ibm 4.5.176 (including) 4.5.176 (including)
Soliddb Ibm 4.5.178 (including) 4.5.178 (including)
Soliddb Ibm 4.5.179 (including) 4.5.179 (including)

References