CVE-2016-6099

MEDIUM

IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure

Title source: llm

Description

IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system.

References (2)

[Patch, Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21997924

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95958

Scores

CVSS v3 5.3

EPSS 0.0019

EPSS Percentile 40.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (17)

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

ibm/security_key_lifecycle_manager

IBM Corporation/Key Lifecycle Manager < 2.5

IBM Corporation/Key Lifecycle Manager < 1.0

IBM Corporation/Key Lifecycle Manager < 2.0

... and 2 more

Timeline

Published Feb 02, 2017

Tracked Since Feb 18, 2026