cbcvebase.
CVE-2017-1672
published 2018-01-04

CVE-2017-1672: IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized…

high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 133639.

Affected

9 ranges
VendorProductVersion rangeFixed in
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager
ibmsecurity_key_lifecycle_manager