CVE-2019-4566

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 166627.

Published : 2019-09-24 14:15 Updated : 2019-10-09 23:50

2.1
CVSS Score More info
Score 2.1 / 10
2.1
Vendor Product Version URI
Ibm Security Key Lifecycle Manager 3.0 cpe:/a:ibm:security_key_lifecycle_manager:3.0
Ibm Security Key Lifecycle Manager 3.0.0 cpe:/a:ibm:security_key_lifecycle_manager:3.0.0
Ibm Security Key Lifecycle Manager 3.0.0.1 cpe:/a:ibm:security_key_lifecycle_manager:3.0.0.1
Ibm Security Key Lifecycle Manager 3.0.0.2 cpe:/a:ibm:security_key_lifecycle_manager:3.0.0.2
Ibm Security Key Lifecycle Manager 3.0.1 cpe:/a:ibm:security_key_lifecycle_manager:3.0.1
Ibm Security Key Lifecycle Manager 3.0.1.1 cpe:/a:ibm:security_key_lifecycle_manager:3.0.1.1
  1. Ibm (1) Search CVE
    1. Security Key Lifecycle Manager (6) Search CVE
      1. 3.0
      2. 3.0.0
      3. 3.0.0.1
      4. 3.0.0.2
      5. 3.0.1
      6. 3.0.1.1

CWE

ID Name Description Links
CWE-312 Cleartext Storage of Sensitive Information The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. CVE

History of changes

Date Event
2019-09-24 16:52
2019-09-24 14:23

New CVE