CVE-2018-1745

Description

IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the SKLM server due to missing authentication. IBM X-Force ID: 148424.

CVSS breakdown

CVSS 3.0

Availability

High

Attack Complexity

Low

Attack Vector

Network

Confidentiality

None

Integrity

None

Privileges Required

None

Scope

Unchanged

User Interaction

None

Unchanged

Changed

Affected products

ibm / Security Key Lifecycle Manager2.7 – 2.7
ibm / Security Key Lifecycle Manager3.0 – 3.0

References

MISChttp://www.securityfocus.com/bid/105554
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/148424
MISChttps://www.ibm.com/support/docview.wss?uid=ibm10733355