CVE-2016-6095

Description

IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

Affected products

• IBM Corporation / Key Lifecycle Manager2.5 – 2.5
• IBM Corporation / Key Lifecycle Manager1.0 – 1.0
• IBM Corporation / Key Lifecycle Manager2.0 – 2.0
• IBM Corporation / Key Lifecycle Manager2.0.1 – 2.0.1
• IBM Corporation / Key Lifecycle Manager2.6 – 2.6

References

• MISChttp://www.securityfocus.com/bid/95965
• MISChttp://www.ibm.com/support/docview.wss?uid=swg21997802