Vulnerabilities > CVE-2023-25923 - Incorrect Authorization vulnerability in IBM Security KEY Lifecycle Manager

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
ibm
CWE-863

Summary

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an attacker to upload files that could be used in a denial of service attack due to incorrect authorization. IBM X-Force ID: 247629.

Common Weakness Enumeration (CWE)