CVE-2017-1669

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Key Lifecycle Manager versions 2.5 through 2.7

Description: The issue allows for potential information disclosure due to sensitive information being stored in URL parameters. If unauthorized parties gain access to the URLs through server logs, referrer headers, or browser history, they may obtain sensitive data.

Recommendations: For versions 2.5 through 2.7, consider restricting access to server logs and implementing measures to protect browser history to minimize the risk of information disclosure. As a temporary workaround, avoid using sensitive information in URL parameters until a more permanent solution is available.