| |
Vulnerability CVE-2021-38985
Published: 2021-11-12
| Description: |
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Type:
CWE-20 (Improper Input Validation)
CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://exchange.xforce.ibmcloud.com/vulnerabilities/212799
https://www.ibm.com/support/pages/node/6515526
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
