CVE-2014-0872

MEDIUM

IBM Security Key Lifecycle Manager 2.5 - Unencrypted Credential Storage

Title source: llm
STIX 2.1

Description

The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. IBM X-Force ID: 90988.

Scores

CVSS v3 4.1
EPSS 0.0028
EPSS Percentile 19.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200 CWE-255
Status published
Products (1)
ibm/security_key_lifecycle_manager 2.5.0
Published Apr 25, 2018
Tracked Since Feb 18, 2026