PT-2023-20363 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Ben Goodspeed

Publicado

2023-03-21

Atualizado

2023-03-24

CVE-2023-25924

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Guardium Key Lifecycle Manager versions 3.0 through 4.1.1

Description The issue is related to improper authorization, allowing an authenticated user to perform actions they should not have access to.

Recommendations For versions 3.0 through 4.1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2023-25924

Produtos afetados

Ibm Security Guardium Key Lifecycle Manager

PT-2023-20363 · Ibm · Ibm Security Guardium Key Lifecycle Manager

CVE-2023-25924

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4