CVE-2017-1666
published 2018-01-09CVE-2017-1666: IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker…
high8.1CVSS 3.0
AVNACLPRLUINSUCHINAH
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 133540.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |
| ibm | security_key_lifecycle_manager | — | — |