3 matches found
CVE-2023-25686
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 247601...
Security Bulletin: Multiple Vulnerabilities in IBM Security Guardium Key Lifecycle Manager
Summary There are multiple vulnerabilities identified in IBM Security Guardium Key Lifecycle Manager. These vulnerabilties have been fixed in IBM Security Guardium Key Lifecycle Manager v4.2 . Please upgrade to GKLM v4.2 for the fixes. Vulnerability Details CVEID:CVE-2023-25689 DESCRIPTION: IBM...
CVE-2023-25686
CVE-2023-25686 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 3.0–4.1.1, where user credentials are stored in plaintext, enabling local read by an attacker with local access. Red Hat/IBM sources confirm the issue and indicate remediation via GKLM v4.2 upgrade. Practical impac...