Vulnerabilities > CVE-2023-25689 - Unspecified vulnerability in IBM Security KEY Lifecycle Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1 , and 4.1.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 247618.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |