Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tivoli_key_lifecycle_manager
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-06-08 | CVE-2016-6098 | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 8.1 | ||
| 2017-02-07 | CVE-2016-6097 | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages to be stored locally which can be read by another user on the system. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 4.0 | ||
| 2017-02-07 | CVE-2016-6096 | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 6.1 | ||
| 2017-02-07 | CVE-2016-6094 | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an error message that includes sensitive information about its environment, users, or associated data. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 4.3 | ||
| 2017-06-08 | CVE-2016-6093 | IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 9.8 | ||
| 2017-02-07 | CVE-2016-6092 | IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user credentials in plain in clear text which can be read by a local user. | Security_key_lifecycle_manager, Tivoli_key_lifecycle_manager | 6.2 |