Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25921

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620.

Published

2024-02-29T01:38:24.113

Last Modified

2024-12-13T20:53:05.783

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.5 (HIGH)

Weaknesses

Type: Primary
CWE-434

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	security_guardium_key_lifecycle_manager	< 4.1.1.7	Yes
Operating System	ibm	aix	-	No
Operating System	linux	linux_kernel	-	No
Operating System	microsoft	windows	-	No

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/247620 VDB Entry ([email protected])
https://www.ibm.com/support/pages/node/6964516 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/247620 VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/6964516 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)