Description
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Affected products
- IBM Corporation / Key Lifecycle Manager2.5 – 2.5
- IBM Corporation / Key Lifecycle Manager1.0 – 1.0
- IBM Corporation / Key Lifecycle Manager2.0 – 2.0
- IBM Corporation / Key Lifecycle Manager2.0.1 – 2.0.1
- IBM Corporation / Key Lifecycle Manager2.6 – 2.6