IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114.
Weakness
The product uses an authentication algorithm that uses a single factor (e.g., a password) in a security context that should require more than one factor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Powersc | Ibm | 1.3 (including) | 1.3 (including) |
| Powersc | Ibm | 2.0 (including) | 2.0 (including) |
| Powersc | Ibm | 2.1 (including) | 2.1 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/16.html
- https://cwe.mitre.org/data/definitions/49.html
- https://cwe.mitre.org/data/definitions/509.html
- https://cwe.mitre.org/data/definitions/55.html
- https://cwe.mitre.org/data/definitions/555.html
- https://cwe.mitre.org/data/definitions/560.html
- https://cwe.mitre.org/data/definitions/561.html
- https://cwe.mitre.org/data/definitions/565.html
- https://cwe.mitre.org/data/definitions/600.html
- https://cwe.mitre.org/data/definitions/644.html
- https://cwe.mitre.org/data/definitions/645.html
- https://cwe.mitre.org/data/definitions/652.html
- https://cwe.mitre.org/data/definitions/653.html
- https://cwe.mitre.org/data/definitions/70.html