Vulnerabilities > IBM > Tivoli KEY Lifecycle Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-07 CVE-2016-6097 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-200
4.0
4.0
2017-02-07 CVE-2016-6096 Cross-site Scripting vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2017-02-07 CVE-2016-6094 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an error message that includes sensitive information about its environment, users, or associated data.
network
low complexity
ibm CWE-200
4.3
4.3
2017-02-07 CVE-2016-6092 Information Exposure vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 stores user credentials in plain in clear text which can be read by a local user.
local
low complexity
ibm CWE-200
6.2
6.2