IBM Tivoli Key Lifecycle Manager 2.0.1.6

CPE Details

IBM Tivoli Key Lifecycle Manager 2.0.1.6
ibm
tivoli_key_lifecycle_manager
2.0.1.6
2017-02-08
17h38 +00:00
2021-05-17
17h04 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.6:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

tivoli_key_lifecycle_manager

Version

2.0.1.6

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-6093 2017-06-08 19h00 +00:00 IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
9.8
Critical
CVE-2016-6098 2017-06-08 19h00 +00:00 IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
8.1
High
CVE-2016-6092 2017-02-07 15h00 +00:00 IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user credentials in plain in clear text which can be read by a local user.
6.2
Medium
CVE-2016-6094 2017-02-07 15h00 +00:00 IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an error message that includes sensitive information about its environment, users, or associated data.
4.3
Medium
CVE-2016-6096 2017-02-07 15h00 +00:00 IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.1
Medium
CVE-2016-6097 2017-02-07 15h00 +00:00 IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages to be stored locally which can be read by another user on the system.
4
Medium