Lucene search
K

953 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:31 a.m.9 views

CVE-2024-1714

An issue exists in all supported versions of IdentityIQ Lifecycle Manager that can result if an entitlement with a value containing leading or trailing whitespace is requested by an authenticated user in an access request...

7.1CVSS6.8AI score0.00344EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.12 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45086)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.5CVSS6.5AI score0.0044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.11 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45073)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

4.8CVSS5.6AI score0.00233EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.24 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45071)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.5CVSS5.7AI score0.00237EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.10 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45072)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.5CVSS6.5AI score0.00439EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2024/12/20 12:0 a.m.10 views

IBM Security Guardium Key Lifecycle Manager Information Disclosure Vulnerability (CNVD-2025-01796)

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. An information disclosure vulnerability exists in IBM Security Guardium Key Lifecycle Manager, which can ...

4.3CVSS5.8AI score0.00462EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 6:15 p.m.4 views

CVE-2024-49818

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2024/12/17 6:15 p.m.4 views

CVE-2024-49819

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

7.5CVSS5.8AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 6:15 p.m.4 views

CVE-2024-49816

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.4CVSS5.8AI score0.00353EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 6:15 p.m.5 views

CVE-2024-49817

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user...

4.4CVSS5.8AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 5:42 p.m.98 views

CVE-2024-49816 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9CVSS0.00353EPSS
Exploits0References1
CVE
CVE
added 2024/12/17 5:42 p.m.101 views

CVE-2024-49816

CVE-2024-49816 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 4.1, 4.1.1, 4.2.0, and 4.2.1. The issue is a log information disclosure: potentially sensitive data is stored in log files and could be read by a local privileged user due to how logging is handled. Impact is confi...

4.9CVSS4.7AI score0.00353EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/17 5:42 p.m.13 views

CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man i...

3.7CVSS6.4AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/12/17 5:41 p.m.99 views

CVE-2024-49819

CVE-2024-49819 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 4.1, 4.1.1, 4.2.0, and 4.2.1. The flaw could allow a remote attacker to obtain sensitive information in cleartext over a sniffable communication channel. The IBM security bulletin lists this as a network-friendly v...

7.5CVSS4AI score0.00258EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.4 views

PT-2024-33697 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1, 4.1.1, 4.2.0, and 4.2.1 Description: The issue is caused by the failure to properly enable HTTP Strict Transport Security, allowing a remote attacker to obtain sensitive information...

3.7CVSS6.7AI score0.00245EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.4 views

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. IBM Security Guardium Key Lifecycle Manager suffers from an information disclosure vulnerability that ste...

3.7CVSS5.9AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.4 views

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is a cryptographic key management tool from International Business Machines IBM. that centralizes, simplifies, and automates the key management process. A security vulnerability exists in IBM Security Guardium Key Lifecycle Manager. An attacker exploiti...

7.5CVSS6.3AI score0.00258EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.4 views

PT-2024-33694 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager versions 4.1 through 4.2.1 Description: The issue concerns the storage of user credentials in configuration files by IBM Security Guardium Key Lifecycle Manager. These credentials can be accessed by...

4.4CVSS6.4AI score0.00189EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.3 views

IBM Security Guardium Key Lifecycle Manager 安全漏洞

IBM Security Guardium Key Lifecycle Manager is an encryption key management tool from International Business Machines IBM. It centralizes, simplifies and automates the key management process. An information vulnerability exists in IBM Security Guardium Key Lifecycle Manager, which can be exploite...

4.4CVSS6.2AI score0.00189EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/04 5:50 a.m.22 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS7AI score0.00696EPSS
Exploits0Affected Software1
Rows per page
Query Builder