4 matches found
CVE-2023-25689
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1 , and 4.1.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 24761...
Security Bulletin: Multiple Vulnerabilities in IBM Security Guardium Key Lifecycle Manager
Summary There are multiple vulnerabilities identified in IBM Security Guardium Key Lifecycle Manager. These vulnerabilties have been fixed in IBM Security Guardium Key Lifecycle Manager v4.2 . Please upgrade to GKLM v4.2 for the fixes. Vulnerability Details CVEID:CVE-2023-25689 DESCRIPTION: IBM...
CVE-2023-25689
creationtimestamp| type| source ---|---|--- 2023-03-21 17:34:55+00:00| seen| https://t.me/cibsecurity/60378 2025-02-25 21:28:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5402...
CVE-2023-25689
CVE-2023-25689 affects IBM Security Guardium Key Lifecycle Manager (GKLM) versions 3.0, 3.0.1, 4.0, 4.1, and 4.1.1. The root cause is a path traversal vulnerability that allows a remote attacker to view arbitrary files by sending a crafted URL containing "/.." sequences. The risk is described as ...