PT-2018-14042 · Ibm · Ibm Tivoli Key Lifecycle Manager

Chris Shepherd

Publicado

2018-10-08

Atualizado

2020-08-24

CVE-2018-1749

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM Tivoli Key Lifecycle Manager versions 2.6 through 3.0

Description The issue allows attackers to bypass application controls due to incomplete blacklisting for input validation, resulting in a direct impact to the system and data integrity.

Recommendations For versions 2.6 through 3.0, update to a version that includes complete blacklisting for input validation to prevent attackers from bypassing application controls.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-1749

Produtos afetados

Ibm Tivoli Key Lifecycle Manager

PT-2018-14042 · Ibm · Ibm Tivoli Key Lifecycle Manager

CVE-2018-1749

Identificadores relacionados

Produtos afetados

Referências · 4