IBM Tivoli Key Lifecycle Manager Cross-Site Scripting Vulnerability (CNVD-2021-91634)

2021-11-1600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

19.8%

JSON

IBM Tivoli Key Lifecycle Manager (TKLM) is a set of key lifecycle management software from IBM Corporation in the United States. The software provides key storage, key maintenance, and key lifecycle management for storage devices.IBM Tivoli Key Lifecycle Manager has a security vulnerability that could be exploited by an attacker to allow a user to embed arbitrary JavaScript code in the Web UI to change the intended functionality, resulting in credential disclosure in a trusted session.

CPENameOperatorVersion
ibm ibm tivoli key lifecycle managereq3.0
ibm ibm tivoli key lifecycle managereq3.0.1
ibm ibm tivoli key lifecycle managereq4.0
ibm tivoli key lifecycle managereq4.1

Name	Operator	Version
ibm ibm tivoli key lifecycle manager	eq	3.0
ibm ibm tivoli key lifecycle manager	eq	3.0.1
ibm ibm tivoli key lifecycle manager	eq	4.0
ibm tivoli key lifecycle manager	eq	4.1

0.001 Low

EPSS

Percentile

19.8%

JSON

Related for CNVD-2021-91634