IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7175067 |
![]() ![]() |
History
Tue, 07 Jan 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-522 |
Tue, 17 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 17 Dec 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user. | |
Title | IBM Security Guardium Key Lifecycle Manager information disclosure | |
First Time appeared |
Ibm
Ibm security Guardium Key Lifecycle Manager |
|
Weaknesses | CWE-260 | |
CPEs | cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:4.1.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:4.2.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm security Guardium Key Lifecycle Manager |
|
References |
| |
Metrics |
cvssV3_1
|
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: ibm
Published: 2024-12-17T17:34:11.065Z
Updated: 2024-12-17T20:37:54.298Z
Reserved: 2024-10-20T13:40:29.645Z
Link: CVE-2024-49817
![cve-icon](/static/img/cisa-icon.png)
Updated: 2024-12-17T20:35:19.404Z
![cve-icon](/static/img/nvd-icon.png)
Status : Analyzed
Published: 2024-12-17T18:15:23.937
Modified: 2025-01-07T17:23:31.817
Link: CVE-2024-49817
![cve-icon](/static/img/redhat-icon.png)
No data.