CVE-2023-25924
Summary
| CVE | CVE-2023-25924 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-03-22 06:15:00 UTC |
| Updated | 2023-11-07 04:09:00 UTC |
| Description | IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to perform actions that they should not have access to due to improper authorization. IBM X-Force ID: 247630. |
Risk And Classification
Problem Types: CWE-863
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Security Key Lifecycle Manager | 3.0 | All | All | All |
| Application | Ibm | Security Key Lifecycle Manager | 3.0.1 | All | All | All |
| Application | Ibm | Security Key Lifecycle Manager | 4.0 | All | All | All |
| Application | Ibm | Security Key Lifecycle Manager | 4.1 | All | All | All |
| Application | Ibm | Security Key Lifecycle Manager | 4.1.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | MISC | exchange.xforce.ibmcloud.com | |
| Security Bulletin: Multiple Vulnerabilities in IBM Security Guardium Key Lifecycle Manager | MISC | www.ibm.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.