Security Guardium Key Lifecycle Manager@4.0 Security Vulnerabilities and Issues — Security Guardium Key Lifecycle Manager@4.0 CVE List

Lucene search

IbmSecurity Guardium Key Lifecycle Manager4.0

4 matches found

CVE•added 2024/02/28 10:15 p.m.•116 views

CVE-2023-25925

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.

8.8CVSS8.3AI score0.00148EPSS

CVE•added 2024/02/28 10:15 p.m.•101 views

CVE-2023-25922

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621.

8.8CVSS4.4AI score0.00052EPSS

CVE•added 2024/02/29 1:38 a.m.•95 views

CVE-2023-25921

8.8CVSS7.9AI score0.00067EPSS

CVE•added 2024/02/29 1:38 a.m.•93 views

CVE-2023-25926

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599...

8.2CVSS5.5AI score0.00036EPSS