Design/Logic Flaw

2021-11-1516:15:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 212780.

CPENameOperatorVersion
security_guardium_key_lifecycle_managereq4.1.0
security_guardium_key_lifecycle_managereq4.1.0.1
security_guardium_key_lifecycle_managereq4.1.1
security_key_lifecycle_managerge3.0
security_key_lifecycle_managerle3.0.0.4
security_key_lifecycle_managerge3.0.1
security_key_lifecycle_managerle3.0.1.5
security_key_lifecycle_managerge4.0
security_key_lifecycle_managerle4.0.0.3
security_key_lifecycle_managereq4.1.0

Name	Operator	Version
security_guardium_key_lifecycle_manager	eq	4.1.0
security_guardium_key_lifecycle_manager	eq	4.1.0.1
security_guardium_key_lifecycle_manager	eq	4.1.1
security_key_lifecycle_manager	ge	3.0
security_key_lifecycle_manager	le	3.0.0.4
security_key_lifecycle_manager	ge	3.0.1
security_key_lifecycle_manager	le	3.0.1.5
security_key_lifecycle_manager	ge	4.0
security_key_lifecycle_manager	le	4.0.0.3
security_key_lifecycle_manager	eq	4.1.0