solid.exe in IBM solidDB prior to 4.5.181, 6.0.x prior to 6.0.1067, 6.1.x and 6.3.x prior to 6.3.47, and 6.5.x prior to 6.5.0.3 uses a password-hash length specified by the client, which allows remote malicious users to bypass authentication via a short length value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm soliddb 4.5.169 |
||
ibm soliddb 4.5.173 |
||
ibm soliddb 4.5.167 |
||
ibm soliddb 4.5.168 |
||
ibm soliddb 4.5.175 |
||
ibm soliddb 4.5.178 |
||
ibm soliddb 4.5.176 |
||
ibm soliddb 4.5.179 |
||
ibm soliddb |
||
ibm soliddb 6.0.1065 |
||
ibm soliddb 6.0.1064 |
||
ibm soliddb 6.30.0040 |
||
ibm soliddb 6.30.0044 |
||
ibm soliddb 6.0.1066 |
||
ibm soliddb 6.1.18 |
||
ibm soliddb 6.3.38 |
||
ibm soliddb 6.5.0.1 |
||
ibm soliddb 6.5.0.2 |
||
ibm soliddb 6.0.1061 |
||
ibm soliddb 6.0.1060 |
||
ibm soliddb 6.3.33 |
||
ibm soliddb 6.3.37 |
||
ibm soliddb 6.1 |
||
ibm soliddb 6.1.20 |
||
ibm soliddb 6.30.0039 |
||
ibm soliddb 6.5.0.0 |