Description
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 184158.
CVSS breakdown
CVSS 3.0
Scope
Unchanged
User Interaction
None
Privileges Required
None
Attack Vector
Network
Integrity
Low
Confidentiality
Low
Attack Complexity
Low
Availability
None
RL
O
RC
Changed
E
Unchanged
Affected products
- ibm / Security Key Lifecycle Manager3.0.1 – 3.0.1
- ibm / Security Key Lifecycle Manager4.0 – 4.0