CVE-2024-49817
Severity
4.4MEDIUM
EPSS
0.0%
top 90.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 17
Description
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6