CVE-2019-4514Sensitive Information Exposure in IBM Security KEY Lifecycle Manager

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 62.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security KEY Lifecycle Manager
Timeline
PublishedOct 4
Latest updateMay 24

Description

IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165136.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDibm/security_key_lifecycle_manager2.6.02.6.0.5+3
CVEListV5ibm/security_key_lifecycle_manager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-94mc-rhpv-r787: IBM Security Key Lifecycle Manager 22022-05-24
CVEList
CVE-2019-4514: IBM Security Key Lifecycle Manager 22019-10-04
CVE-2019-4514 — Sensitive Information Exposure in IBM | cvebase