← Retour aux CVEs
CVE-2021-38972
MEDIUM4.3
Description
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Details CVE
Score CVSS v3.14.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie11/12/2021
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
ibm:security_guardium_key_lifecycle_manageribm:security_key_lifecycle_manager
Faiblesses (CWE)
CWE-20
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/212775(psirt@us.ibm.com)
https://www.ibm.com/support/pages/node/6515530(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/212775(af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/6515530(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.