Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25922

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621.

Published

2024-02-28T22:15:25.683

Last Modified

2024-12-13T20:59:47.813

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-434

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	security_guardium_key_lifecycle_manager	< 4.1.1.7	Yes
Operating System	ibm	aix	-	No
Operating System	linux	linux_kernel	-	No
Operating System	microsoft	windows	-	No

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/247621 VDB Entry ([email protected])
https://www.ibm.com/support/pages/node/6964516 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/247621 VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/6964516 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)