PT-2020-18140 · Ibm · Ibm Tivoli Key Lifecycle Manager
Published
2020-07-29
·
Updated
2021-07-21
·
CVE-2020-4573
CVSS v3.1
5.3
Medium
| Vector | C:L/I:N/AV:N/A:N/AC:L/S:U/UI:N/PR:N |
Name of the Vulnerable Software and Affected Versions
IBM Tivoli Key Lifecycle Manager versions 3.0.1 through 4.0
Description
The issue allows sensitive information disclosure due to the software responding to unauthenticated HTTP requests.
Recommendations
For versions 3.0.1 through 4.0, consider restricting access to the HTTP requests until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Tivoli Key Lifecycle Manager