CVE-2016-6105

Description

IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.

Affected products

• IBM Corporation / Key Lifecycle Manager2.5 – 2.5
• IBM Corporation / Key Lifecycle Manager1.0 – 1.0
• IBM Corporation / Key Lifecycle Manager2.0 – 2.0
• IBM Corporation / Key Lifecycle Manager2.0.1 – 2.0.1
• IBM Corporation / Key Lifecycle Manager2.6 – 2.6

References

• MISChttp://www.securitytracker.com/id/1037763
• MISChttp://www.ibm.com/support/docview.wss?uid=swg21997741
• MISChttp://www.securityfocus.com/bid/95904