IBM Tivoli Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2021-91636)

2021-11-1600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.002 Low

EPSS

Percentile

54.8%

JSON

IBM Tivoli Key Lifecycle Manager (TKLM) is a set of key lifecycle management software from IBM Corporation. The software provides key storage, key maintenance, and key lifecycle management for storage devices.A security vulnerability exists in IBM Tivoli Key Lifecycle Manager, which stems from the failure of IBM Tivoli Key Lifecycle Manager to properly enable HTTP Strict Transport Security. An attacker could exploit the vulnerability to obtain sensitive information.

CPENameOperatorVersion
ibm ibm tivoli key lifecycle managereq3.0
ibm ibm tivoli key lifecycle managereq3.0.1
ibm ibm tivoli key lifecycle managereq4.0
ibm tivoli key lifecycle managereq4.1

Name	Operator	Version
ibm ibm tivoli key lifecycle manager	eq	3.0
ibm ibm tivoli key lifecycle manager	eq	3.0.1
ibm ibm tivoli key lifecycle manager	eq	4.0
ibm tivoli key lifecycle manager	eq	4.1

0.002 Low

EPSS

Percentile

54.8%

JSON

Related for CNVD-2021-91636