IBM Tivoli Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2022-15541)

2021-11-1600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

41.7%

JSON

IBM Tivoli Key Lifecycle Manager (TKLM) is a set of key lifecycle management software from IBM Corporation. The software provides key storage, key maintenance, and key lifecycle management for storage devices.IBM Tivoli Key Lifecycle Manager has a security vulnerability that could be exploited by an attacker to obtain sensitive information when a detailed technical error message is returned in a browser, which could be used for further attacks on the system.

CPENameOperatorVersion
IBM IBM Security Key Lifecycle Manager >=3.0，<=3.eq0.0.4
IBM IBM Security Key Lifecycle Manager >=3.0.1，<=3.eq0.1.5
IBM IBM Security Key Lifecycle Manager >=4.0，<=4.eq0.0.3
IBM IBM Security Guardium Key Lifecycle Manager >=4.1.0，<=4.eq1.0.1
IBM IBM Security Guardium Key Lifecycle Managereq4.1.1

Name	Operator	Version
IBM IBM Security Key Lifecycle Manager >=3.0，<=3.	eq	0.0.4
IBM IBM Security Key Lifecycle Manager >=3.0.1，<=3.	eq	0.1.5
IBM IBM Security Key Lifecycle Manager >=4.0，<=4.	eq	0.0.3
IBM IBM Security Guardium Key Lifecycle Manager >=4.1.0，<=4.	eq	1.0.1
IBM IBM Security Guardium Key Lifecycle Manager	eq	4.1.1

0.001 Low

EPSS

Percentile

41.7%

JSON

Related for CNVD-2022-15541